URL: https://gshd.gq/Yahooupdate/Y/login.php
Submission Tags: @ipnigh
Submission: On June 26 via api from GB

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 29 HTTP transactions. The main IP is 142.11.226.175, located in Seattle, United States, and belonging to HOSTWINDS - Hostwinds LLC., US. The main domain is gshd.gq.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 25th 2019. Valid for: 3 months.
This is the only time gshd.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online), Yahoo (Online)

Domain & IP information

Requests    IP Address          AS        Autonomous System
19          142.11.226.175      54290     HOSTWINDS
5           2a00:1288:84:...    203219    YAHOO-AMA
1           2a00:1288:110...    34010     YAHOO-IRD
1           2a00:1288:84:...    203219    YAHOO-AMA
1           152.195.39.165      15133     EDGECAST
1           52.29.114.198       16509     AMAZON-02
Total: 29 requests, 7 IPs
Requests    Domain                          Requested by
19          gshd.gq                         gshd.gq
5           s.yimg.com                      gshd.gq
1           service.sp.advertising.com      gshd.gq
1           tag.sp.advertising.com          gshd.gq
1           fc.yahoo.com                    gshd.gq
1           udc.yahoo.com                   gshd.gq
0           l.yimg.com (Failed)             gshd.gq
Total: 29 requests, 7 domains

This site contains links to these domains:

Domain
www.yahoo.com
help.yahoo.com
login.yahoo.com

TLS certificates observed

Subject                        Issuer                                    Validity                    Valid
gshd.gq                        Let's Encrypt Authority X3                2019-06-25 - 2019-09-23     3 months
*.yahoo.com                    DigiCert SHA2 High Assurance Server CA    2019-06-03 - 2019-07-18     a month
*.ads.yahoo.com                DigiCert SHA2 High Assurance Server CA    2019-06-13 - 2019-07-28     a month
tag.sp.advertising.com         DigiCert SHA2 Secure Server CA            2019-06-24 - 2020-04-09     10 months
service.sp.advertising.com     DigiCert SHA2 High Assurance Server CA    2018-04-06 - 2020-04-10     2 years

This page contains 5 frames:

Primary Page: https://gshd.gq/Yahooupdate/Y/login.php
Frame ID: A3D1A675A1503D51999FA4B6666775D9
Requests: 17 HTTP requests in this frame

Frame: https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
Frame ID: 2FD69071B6233E64160A4E3C39566B4C
Requests: 5 HTTP requests in this frame

Frame: https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
Frame ID: FF6ADB196AB4FE48E5D84F7E1E07B264
Requests: 3 HTTP requests in this frame

Frame: https://tag.sp.advertising.com/sp-frame.html?referrer=https%3A%2F%2Fgshd.gq%2FYahooupdate%2FY%2Flogin.php
Frame ID: 5631A4319B5F6284DD70AD0053400CF9
Requests: 1 HTTP request in this frame

Frame: https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame.html
Frame ID: 5FBE48F71A537F95DD530327AED71DA4
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 50 %
Domains: 4
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 442 kB
Size: 970 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource    Path    Size    x-fer    Type    MIME-Type
Primary Request: login.php    gshd.gq/Yahooupdate/Y/    26 KB    10 KB    Document
General
Full URL
https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
43e8a6009bdadadf3a9c48930f4405953fbdea936a18d288e5b9c37df0f4d461

Request headers

:method
GET
:authority
gshd.gq
:scheme
https
:path
/Yahooupdate/Y/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Wed, 26 Jun 2019 03:19:02 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
combo.css    gshd.gq/Yahooupdate/Y/login_files/    28 KB    5 KB    Stylesheet
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/combo.css
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
56509fcb8d84185984927217765bf1afab5b5e217a3c06377bf1388377bb0d1b

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
5044
expires
Wed, 03 Jul 2019 03:19:03 GMT
yahoo-main.css    gshd.gq/Yahooupdate/Y/login_files/    221 KB    45 KB    Stylesheet
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/yahoo-main.css
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
217d0ceb66dfd41cd8946341bc1775ab981c8b5d18c2da44f2c3e89b9bab9db0

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
46158
expires
Wed, 03 Jul 2019 03:19:03 GMT
boot.js    gshd.gq/Yahooupdate/Y/login_files/    7 KB    3 KB    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/boot.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
24cddfefc3cb9d150b019c5fa3c9edfa5a74e6d795430e9a56d3549c2e54e838

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
3488
expires
Wed, 03 Jul 2019 03:19:03 GMT
g-r-min.js    gshd.gq/Yahooupdate/Y/login_files/    205 KB    83 KB    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/g-r-min.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
9856a8e10e1cfbbe45145181b7a292ff5b1914a0e0baea6dadee4d7c27a6b1ba

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
85017
expires
Wed, 03 Jul 2019 03:19:03 GMT
yahoo_en-US_f_p_bestfit.png    s.yimg.com/rz/d/    1 KB    2 KB    Image
General
Full URL
https://s.yimg.com/rz/d/yahoo_en-US_f_p_bestfit.png
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:84:800::1002, United Kingdom, ASN203219 (YAHOO-AMA, NL)
Reverse DNS
Software
ATS
Resource Hash
cb321f8586f713ed1a4a1a2ea8243ab6996a63f5c805d28a59eeb4fb178a8255
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 01:24:18 GMT
x-content-type-options
nosniff
age
6887
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
1479
x-amz-id-2
EuHA2TDlFsN+yhFcGXNQzVURFKh0qaOOfqQoUcO0B3dVMQbYa5GnbunwWMTnsYdwtk1tDVGR7ac=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jun 2019 22:09:54 GMT
server
ATS
etag
"ad7337352c9a697837826a01e07c34a0"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
3AADBE0CFB01ECB7
x-xss-protection
1; mode=block
cache-control
private
accept-ranges
bytes
content-type
image/png
expires
Wed, 26 Jun 2019 23:00:00 GMT
yahoo_en-US_f_w_bestfit.png    s.yimg.com/rz/d/    1 KB    1 KB    Image
General
Full URL
https://s.yimg.com/rz/d/yahoo_en-US_f_w_bestfit.png
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:84:800::1002, United Kingdom, ASN203219 (YAHOO-AMA, NL)
Reverse DNS
Software
ATS
Resource Hash
94d34506ffa1e5d4d9459482d29340eae31f5ae6daab1dcc2d8b03eb0a1291d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:01:34 GMT
x-content-type-options
nosniff
age
1051
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
1034
x-amz-id-2
eQk1puMF8zlP8kqPN/QS9YtMgPbPqiYtAi7InX3zTrjVvobG9K5ClrVG7Vi3jtOLttAo4P9ieK0=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jun 2019 22:09:55 GMT
server
ATS
etag
"e4d58efb0e8785da843bbf7467d8db0e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
9E4AC801F053A509
x-xss-protection
1; mode=block
cache-control
private
accept-ranges
bytes
content-type
image/png
expires
Wed, 26 Jun 2019 23:00:00 GMT
yahoo_en-US_f_p_bestfit_2x.png    gshd.gq/Yahooupdate/Y/login_files/    3 KB    3 KB    Image
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/yahoo_en-US_f_p_bestfit_2x.png
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
19b644434cfa9f5d12e1e90a3c2d062aacf27da9ecbe8393df77383ab3c00208

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
3066
expires
Wed, 03 Jul 2019 03:19:03 GMT
rapid-3.js    gshd.gq/Yahooupdate/Y/login_files/    46 KB    16 KB    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/rapid-3.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
a8ce16e3e81873ddcc952b5029fdb0d75bd8e7e18df5a8ec098bfb96a9ac9d26

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
16472
expires
Wed, 03 Jul 2019 03:19:03 GMT
bundle.js    gshd.gq/Yahooupdate/Y/login_files/    128 KB    33 KB    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/bundle.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
efdedb0d0a59d4c2074abd88341462c469a98b2deedd42ec80a04893f14e1a14

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
34119
expires
Wed, 03 Jul 2019 03:19:03 GMT
client.php    gshd.gq/Yahooupdate/Y/login_files/    13 KB    7 KB    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/client.php
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
d6d828a2a1657732b450963c0c566b59afbd5430ca2f51de3656c4bb61b02da4

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
g-r-min.js    l.yimg.com/rq/darla/3-10-2/js/    0    0    (request failed)

r-sf.html    gshd.gq/Yahooupdate/Y/login_files/ (Frame 2FD6)    3 KB    1 KB    Document
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
05cc873f4a837292d44d9d326e605e0bc231a534dadc547358ebccc63d52691e

Request headers

:method
GET
:authority
gshd.gq
:scheme
https
:path
/Yahooupdate/Y/login_files/r-sf.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://gshd.gq/Yahooupdate/Y/login.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gshd.gq/Yahooupdate/Y/login.php

Response headers

status
200
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
content-type
text/html
content-length
1047
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
date
Wed, 26 Jun 2019 03:19:03 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
fuji-spinner-1.0.1.svg    s.yimg.com/wm/modern/images/    5 KB    1 KB    Image
General
Full URL
https://s.yimg.com/wm/modern/images/fuji-spinner-1.0.1.svg
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:84:800::1002, United Kingdom, ASN203219 (YAHOO-AMA, NL)
Reverse DNS
Software
ATS
Resource Hash
186034da48941b64b5f6b4d8a0176fb86e2ad6adda436b8eeef521b0166d06c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/yahoo-main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 21 May 2019 11:29:53 GMT
content-encoding
gzip
x-amz-meta-created-date
Sat, 18 Mar 2017 00:20:34 GMT
age
3080951
x-amz-server-side-encryption
AES256
status
200
content-length
614
strict-transport-security
max-age=15552000
x-amz-request-id
4485BDD53D912637
x-amz-id-2
v8vnVLJdLeQn88K1F2IL8XeopFw2jBUV6xz9CxVNzxTNF53ZpAndyzIrKr4c7ah65p1cjfCaY3w=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 May 2018 05:02:09 GMT
server
ATS
etag
"1371fb7ea1d9f283b0964f6d9fedf183-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=31536000; public
x-amz-meta-x-ysws-mbst-vtime
1489796434429139
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:9245687e-14b4-4f74-a865-1fdb03b2bc6000054af6434304d3"
x-content-type-options
nosniff
expires
Sat, 04 May 2019 05:02:08 GMT
yql    udc.yahoo.com/v2/public/    0    617 B    XHR
General
Full URL
https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200019&yhlCT=2&yhlBTMS=1561519143461&yhlClientVer=3.53.3&yhlRnd=oSZaGtPetkPYT6T3&yhlCompressed=0
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/rapid-3.js
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:110:c304::1001, United Kingdom, ASN34010 (YAHOO-IRD, GB)
Reverse DNS
Software
ATS
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/
Origin
https://gshd.gq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
x-content-type-options
nosniff
age
0
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
204
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ATS
x-frame-options
DENY
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-origin
https://gshd.gq
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Wed, 01 Mar 1995 00:00:00 GMT
boot.js    s.yimg.com/rq/darla/    7 KB    4 KB    Script
General
Full URL
https://s.yimg.com/rq/darla/boot.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/client.php
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:84:800::1002, United Kingdom, ASN203219 (YAHOO-AMA, NL)
Reverse DNS
Software
ATS
Resource Hash
ba5948fddde509e03b04c5c6a9efe60019518f6ff9dc5785c29e74f1dbf14df8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 25 Jun 2019 03:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86061
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
3609
x-amz-id-2
KTynxW3jUGnptD2KAR07AIJPWUjJxdtMAYrikee1R+vsDM/ocUwL2up77ygLdwh8dSfhpCeZOQU=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jun 2019 17:42:55 GMT
server
ATS
etag
"ba64d4936b90e9e230b62b2baae205d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-request-id
DFBA7BA5E64574E2
x-xss-protection
1; mode=block
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
r-csc.html    gshd.gq/Yahooupdate/Y/login_files/ (Frame FF6A)    4 KB    2 KB    Document
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
3cd0c9051974455757eeaf8b66c412f0241911c486aa434acc63cffdbe88596f

Request headers

:method
GET
:authority
gshd.gq
:scheme
https
:path
/Yahooupdate/Y/login_files/r-csc.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://gshd.gq/Yahooupdate/Y/login.php
accept-encoding
gzip, deflate, br
cookie
rxx=1fpa3929yrn.1kkdkvml&v=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gshd.gq/Yahooupdate/Y/login.php

Response headers

status
200
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
content-type
text/html
content-length
1973
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
date
Wed, 26 Jun 2019 03:19:03 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
fdb1.gif    s.yimg.com/rq/darla/i/    1 KB    2 KB    Image
General
Full URL
https://s.yimg.com/rq/darla/i/fdb1.gif
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/rapid-3.js
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:84:800::1002, United Kingdom, ASN203219 (YAHOO-AMA, NL)
Reverse DNS
Software
ATS
Resource Hash
ba2d3c58ace4879814bc755ef5bfa3506672b7ce1c5dfa5c9a7efc301b21f36b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sun, 16 Jun 2019 21:19:51 GMT
x-content-type-options
nosniff
age
799154
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
1407
x-amz-id-2
evjzknuJU6iVEwU73/fSWcWNOR5+ioajhlCBgcH2idqxaOGATCUsCqf5ao5cNieQnvu7eG+l4IU=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jun 2018 06:38:42 GMT
server
ATS
etag
"73c99944b40daf4ff518cbf59f9af1de"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
37436B5297398FDD
x-xss-protection
1; mode=block
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
image/gif
client.php    fc.yahoo.com/sdarla/php/    13 KB    7 KB    Script
General
Full URL
https://fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/bundle.js
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
2a00:1288:84:800::1001, United Kingdom, ASN203219 (YAHOO-AMA, NL)
Reverse DNS
Software
ATS
Resource Hash
c40d027ca5faa248c5892b84770b9716b074a042eb8259c9e2a1b97150572f0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gshd.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
200
strict-transport-security
max-age=15552000
content-length
6634
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,no-cache,no-store
x-robots-tag
noindex, noarchive, nosnippet, nofollow
sfext-min.js    gshd.gq/Yahooupdate/Y/login_files/r-sf_data/ (Frame 2FD6)    63 KB    26 KB    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-sf_data/sfext-min.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
0f73d1ff14dae453525f98d21bef99ef11e23b40532c1c7d9caf3d01108cc107

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
26603
expires
Wed, 03 Jul 2019 03:19:03 GMT
adEvent.gif    gshd.gq/Yahooupdate/Y/login_files/r-sf_data/ (Frame 2FD6)    43 B    91 B    Image
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-sf_data/adEvent.gif
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
43
expires
Wed, 03 Jul 2019 03:19:03 GMT
Field_Evergreen_PlayNow_1440x1024.jpg    gshd.gq/Yahooupdate/Y/login_files/r-sf_data/ (Frame 2FD6)    186 KB    186 KB    Image
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-sf_data/Field_Evergreen_PlayNow_1440x1024.jpg
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
22a1235f2868d43c126f18681582ec924f44e3cc3a9605e0be068f5547bb9875

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
190060
expires
Wed, 03 Jul 2019 03:19:03 GMT
get-user-id    gshd.gq/Yahooupdate/Y/login_files/r-sf_data/ (Frame 2FD6)    0    0    Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-sf_data/get-user-id
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-sf.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 03:19:03 GMT
server
LiteSpeed
content-type
text/html
status
404
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
1148
adcount2.js    gshd.gq/Yahooupdate/Y/login_files/r-csc_data/ (Frame FF6A)    1 B    40 B    Image
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/adcount2.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US)
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
1
expires
Wed, 03 Jul 2019 03:19:03 GMT
sp.js
gshd.gq/Yahooupdate/Y/login_files/r-csc_data/ Frame FF6A
1 KB
562 B
Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US),
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed /
Resource Hash
bbe64f348d188189ab0cb7c8f5d86263266de1e79f55e85105524fd0623b92c0

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:03 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
519
expires
Wed, 03 Jul 2019 03:19:03 GMT
sp-frame.html
tag.sp.advertising.com/ Frame 5631
0
0
Document
General
Full URL
https://tag.sp.advertising.com/sp-frame.html?referrer=https%3A%2F%2Fgshd.gq%2FYahooupdate%2FY%2Flogin.php
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.165 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DF) /
Resource Hash

Request headers

:method
GET
:authority
tag.sp.advertising.com
:scheme
https
:path
/sp-frame.html?referrer=https%3A%2F%2Fgshd.gq%2FYahooupdate%2FY%2Flogin.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html

Response headers

status
200
content-encoding
gzip
content-type
text/html
date
Wed, 26 Jun 2019 03:19:04 GMT
etag
"9b27f08842ec1f21101a0bc4c5dba12e+gzip"
last-modified
Wed, 12 Jun 2019 12:27:24 GMT
server
ECS (fcn/40DF)
vary
Accept-Encoding
x-amz-id-2
9ZHkTgqVDUBcl5u2Gaef10A8yZ6raZvsTNmius4tp5d6gtABySbRMZYoaIv7gFCarghq7namoW4=
x-amz-request-id
1A7DC0F8B5BB7293
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
153
sp-frame.html
gshd.gq/Yahooupdate/Y/login_files/r-csc_data/ Frame 5FBE
435 B
185 B
Document
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame.html
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US),
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed /
Resource Hash
acca61fe42d547dafffa2fb94d4df6d47d04aa167ed9971cb550170b50ad0de0

Request headers

:method
GET
:authority
gshd.gq
:scheme
https
:path
/Yahooupdate/Y/login_files/r-csc_data/sp-frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html
accept-encoding
gzip, deflate, br
cookie
rxx=1fpa3929yrn.1kkdkvml&v=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html

Response headers

status
200
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
content-type
text/html
content-length
144
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
date
Wed, 26 Jun 2019 03:19:03 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
sp-frame.js
gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame_data/ Frame 5FBE
7 KB
3 KB
Script
General
Full URL
https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame_data/sp-frame.js
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.226.175 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US),
Reverse DNS
client-142-11-226-175.hostwindsdns.com
Software
LiteSpeed /
Resource Hash
99798bf4b1178b11d0446f5a95cf09d05ce0914e164c827600d1562a87bdfa28

Request headers

Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 03:19:04 GMT
content-encoding
br
last-modified
Tue, 09 Apr 2019 14:44:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
2717
expires
Wed, 03 Jul 2019 03:19:04 GMT
pixels
service.sp.advertising.com/sp/v0/ Frame 5FBE
13 B
209 B
XHR
General
Full URL
https://service.sp.advertising.com/sp/v0/pixels?euconsent=null&gdpr=null&referrer=https%3A%2F%2Fgshd.gq%2FYahooupdate%2FY%2Flogin_files%2Fr-csc.html
Requested by
Host: gshd.gq
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame_data/sp-frame.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.114.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-114-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gshd.gq/Yahooupdate/Y/login_files/r-csc_data/sp-frame.html
Origin
https://gshd.gq

Response headers

status
200
date
Wed, 26 Jun 2019 03:19:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://gshd.gq
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
l.yimg.com
URL
http://l.yimg.com/rq/darla/3-10-2/js/g-r-min.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Yahoo (Online)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
object| oldError
boolean| isGoodJS
object| YUI_config
string| COMET_URL
object| I13N_config
object| darlaConfig
object| challenge
boolean| isIOSDevice
function| mbrSendError
object| DARLA
object| $sf
undefined| $yac
boolean| sf_auto_3-26-5-2019
undefined| Y
object| _Y
object| YAHOO
object| jsModules
boolean| mbrJSLoaded
function| checkAssets
number| lastApvTime
object| DARLA_CONFIG

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://gshd.gq/Yahooupdate/Y/login_files/r-csc.html (Line 21)
Message:
darla csc writer, invalid host (1)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
