Report - optimhu.com

Report Overview

Visited public
2023-12-17 11:46:33
Tags
URL
optimhu.com
Finishing URL
ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9
IP / ASN
103.224.182.206
#133618 Trellian Pty. Limited
Title
qfind.net

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.qfind.net	unknown	2008-06-09	2012-07-27 10:49:58	2023-12-05 09:18:26	1.7 kB	17 kB	103.224.212.244
ww38.qfind.net	unknown	2008-06-09	2018-08-16 11:25:33	2023-11-29 05:29:57	2.4 kB	8.6 kB	13.248.148.254
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-12-09 10:58:51	346 B	55 kB	142.250.74.132
c.parkingcrew.net	70582	2011-01-24	2017-01-29 20:17:16	2023-12-16 19:05:11	341 B	1.0 kB	185.53.178.30
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22 18:48:38	2023-12-16 19:05:11	406 B	12 kB	108.157.217.223
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02 02:57:40	2023-12-16 05:14:30	3.5 kB	156 kB	216.58.211.14
afs.googleusercontent.com	12123	2008-11-17	2013-05-06 21:11:00	2023-12-16 12:44:57	1.0 kB	2.1 kB	142.250.74.97
optimhu.com	unknown	2023-10-30	2023-11-01 11:16:18	2023-12-04 15:23:55	394 B	188 B	103.224.182.206

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	968 B	2023-03-08	2025-05-03
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24 Last Seen2025-05-03 04:23 Times Seen73123 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	737 B	2024-08-20	2024-08-20
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:43 Last Seen2024-08-20 15:43 Times Seen1 Hash 4e04fdd173153df1b62bf452b3089ad5 cc40962808b4df060f05d5bcf8c81d9cd3f79d2f 034dd23c484683bd2640a60d52f9005b5a8d3f9df0b15abee7860728b202be37 Loading...

	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	917 B	2024-08-20	2024-08-20
Pretty URL www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:43 Last Seen2024-08-20 15:43 Times Seen1 Hash a0f7ae90499ab585b1e88395684e6a44 23b1e5cb047ae7b941aefd5455465d483ac92549 a0c4f2d2d8eef8d6088c071cf2434ba7a63632edcbe7d2bc1149fd8d416d3354 Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	246 B	2024-08-20	2024-08-20
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:43 Last Seen2024-08-20 15:43 Times Seen1 Hash c45f355d94ee436ad42072e4907696af b9863fd48492a70bd41a53234bb9c5c4503db1f3 6a7cadde8762ddfa78579da7408b932a8fbb365f857a112e05672d7fba6d5c9d Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	7.0 kB	2023-03-13	2024-08-21
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:10 Last Seen2024-08-21 09:44 Times Seen6195 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:43 Last Seen2024-08-20 15:43 Times Seen1 Hash 6ca473f53ac85e8a5690537d599bb721 eebbf803cea237593ea702a66b081e0f5f057f8b 942a2cfcd7a0db27326a43e466dcf3ad9c9cf4bd71b90a329acb8074c00cf0bb Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	20 B	2023-03-12	2024-08-21
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 13:00 Last Seen2024-08-21 09:44 Times Seen3983 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	c.parkingcrew.net/scripts/sale_form.js	ScriptElement	761 B	2023-03-07	2025-05-02
Pretty URL c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-02 06:35 Times Seen6457 Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	65 B	2023-03-12	2024-08-21
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:05 Last Seen2024-08-21 08:05 Times Seen21 Hash 9b6c8562f6f9581e047af8b67a74a75d bef4cf83ca054fd29b2697e115e3b2dd7a64f4cd 32da765fca53d1dbfdba5c04f0bdd75370d9bf56e7bdd1fa341fde4671722b83 Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	472 B	2023-03-13	2024-08-21
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:13 Last Seen2024-08-21 09:44 Times Seen6016 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	www.adsensecustomsearchads.com/adsense/domains/caf.js	ScriptElement	150 kB	2023-12-11	2024-08-20
Pretty URL www.adsensecustomsearchads.com/adsense/domains/caf.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 21:56 Last Seen2024-08-20 16:05 Times Seen1131 Hash 0b5819b903639cc259c92636799d165a 550782cda3c88170ba2ffaf93383216608b6b583 c1ac1d06d35bfdf8b8db5d44948f808101fbb2a428e4308710987615c94fe775 Loading...

	www.google.com/adsense/domains/caf.js?abp=1	ScriptElement	150 kB	2023-12-13	2024-08-20
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-13 18:30 Last Seen2024-08-20 15:56 Times Seen2655 Hash abafa0849308459af6d9407e8113b991 ce0b4e1c84fdae81f302e3944ffabe95922cdba6 dba14e89fd4e3f93c81704e1dba22cb195387a59c91392a36e47a4dbbe75d798 Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	669 B	2024-08-20	2024-08-20
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:43 Last Seen2024-08-20 15:43 Times Seen1 Hash fc462dfdc95e6286298c9ae80489e07e fff26d770818e84f1bd03de09197ccc2d722d474 e4ae4e8b520ec7385ad81e3c2b55f9a682cd24deb6f1174ecda4b87353df49ab Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	40 B	2023-08-09	2024-08-21
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-09 10:52 Last Seen2024-08-21 09:42 Times Seen9104 Hash fca3e6a61d4a07440e4f10c4dbaad8e3 41480802bf872b2d15f9cbcadba025fe326eac03 dfe5c5e10934e7abf7903d4ede3b8fa091c11bef63d675808e6314ec763185ee Loading...

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	ScriptElement	71 B	2023-03-08	2024-08-21
Pretty URL ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:23 Last Seen2024-08-21 09:44 Times Seen6209 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

HTTP Transactions (19)

	URL	IP	Response	Size
	optimhu.com/	103.224.182.206		0 B
URL optimhu.com/ IP 103.224.182.206:0 ASN #133618 Trellian Pty. Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: optimhu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found date: Sun, 17 Dec 2023 11:46:13 GMT server: Apache location: http://www.qfind.net?_inv content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	www.qfind.net/?_inv	103.224.212.244		575 B
URL www.qfind.net/?_inv IP 103.224.212.244:0 ASN #133618 Trellian Pty. Limited File type HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document, ASCII text Size 575 B (575 bytes) Hash 89b2e71ccc2c097170da96b8c2ac3691 89211f7db056d4d394911b27b1441b480bf6fb84 ca5533a6c7fdf84f9fd60a1f3552cbbd8c5a89b2629d730e6a723cc6033d93ca HTTP Headers `GET /?_inv HTTP/1.1 Host: www.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Sun, 17 Dec 2023 11:46:14 GMT server: Apache set-cookie: __tad=1702813574.2204810; expires=Wed, 14-Dec-2033 11:46:14 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 575 content-type: text/html; charset=UTF-8 connection: close`

	www.qfind.net/js/fingerprint/iife.min.js	103.224.212.244		14 kB
URL www.qfind.net/js/fingerprint/iife.min.js IP 103.224.212.244:0 ASN #133618 Trellian Pty. Limited File type Unicode text, UTF-8 text, with very long lines (33896), with CRLF line terminators Size 14 kB (14345 bytes) Hash 63f9fd621d1fbd53b7c5856e58c11ccd a46973c2fbdbfeb159e0d717a90f88307e274012 c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089 HTTP Headers `GET /js/fingerprint/iife.min.js HTTP/1.1 Host: www.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.qfind.net/?_inv Cookie: __tad=1702813574.2204810 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Sun, 17 Dec 2023 11:46:15 GMT server: Apache last-modified: Mon, 20 Nov 2023 05:36:39 GMT etag: "85c0-60a8edebfa7c0-gzip" accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-length: 14345 content-type: application/javascript connection: close`

	www.qfind.net/?_inv&fp=e19e1989b72653a7152c87a7240d524a	103.224.212.244	302 Found	2 B
URL User Request GET HTTP/1.1 www.qfind.net/?_inv&fp=e19e1989b72653a7152c87a7240d524a IP 103.224.212.244:80 ASN #133618 Trellian Pty. Limited File type ASCII text Size 2 B (2 bytes) Hash e1c06d85ae7b8b032bef47e42e4c08f9 71853c6197a6a7f222db0f1978c7cb232b87c5ee 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 HTTP Headers `GET /?_inv&fp=e19e1989b72653a7152c87a7240d524a HTTP/1.1 Host: www.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: __tad=1702813574.2204810 Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found date: Sun, 17 Dec 2023 11:46:15 GMT server: Apache location: http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 content-length: 2 content-type: text/html; charset=UTF-8 connection: close`

	www.qfind.net/	103.224.212.244		570 B
URL www.qfind.net/ IP 103.224.212.244:0 ASN #133618 Trellian Pty. Limited File type HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document, ASCII text Size 570 B (570 bytes) Hash 71bd6b772f493b5685332210d8ec48c6 04da490f840da36b161272f163a135a59dce70ec 8f0090345c1d8cd5fe16b238f03976a0a039b98c9cefa109611c1d2f1f258ec5 HTTP Headers `GET / HTTP/1.1 Host: www.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Sun, 17 Dec 2023 11:46:18 GMT server: Apache set-cookie: __tad=1702813578.8650856; expires=Wed, 14-Dec-2033 11:46:18 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 570 content-type: text/html; charset=UTF-8 connection: close`

	ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9	13.248.148.254		6.0 kB
URL User Request GET ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, Unicode text, UTF-8 text, with very long lines (1340) Size 6.0 kB (5978 bytes) Hash e5e854e56c25a9d1c02ae4820291c8a7 16b6975180bad4c907414c111abfd59a07c49034 d00f3f9e0d79c1d7316b91235e8058b5ecca06abdc4348f30babc517e8e79915 HTTP Headers `GET /?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 HTTP/1.1 Host: ww38.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sun, 17 Dec 2023 11:46:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket003 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_pLl4l+88p1ADeM7UELVHYBiw8vNNsGPCzw1UMVelbIqkMEybI8WG2bRJo9HopyMrRqhf3eJngIyGBDD75Dfe6g== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Domain: qfind.net X-Subdomain: ww38 Content-Encoding: gzip

	www.google.com/adsense/domains/caf.js?abp=1	142.250.74.132	200 OK	54 kB
URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132:80 ASN #15169 GOOGLE Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type ASCII text, with very long lines (1888) Size 54 kB (54284 bytes) Hash abafa0849308459af6d9407e8113b991 ce0b4e1c84fdae81f302e3944ffabe95922cdba6 dba14e89fd4e3f93c81704e1dba22cb195387a59c91392a36e47a4dbbe75d798 HTTP Headers `GET /adsense/domains/caf.js?abp=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Sun, 17 Dec 2023 11:46:19 GMT Expires: Sun, 17 Dec 2023 11:46:19 GMT Cache-Control: private, max-age=3600 ETag: "4119344319494620179" X-Content-Type-Options: nosniff Link: <https://www.adsensecustomsearchads.com>; rel="preconnect" Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0

	c.parkingcrew.net/scripts/sale_form.js	185.53.178.30	200 OK	761 B
URL GET HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30:80 ASN #19905 NEUSTAR-AS6 Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type ASCII text Size 761 B (761 bytes) Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 HTTP Headers `GET /scripts/sale_form.js HTTP/1.1 Host: c.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 17 Dec 2023 11:46:19 GMT Content-Type: application/javascript Content-Length: 761 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-2f9" Accept-Ranges: bytes`

	ww38.qfind.net/track.php?domain=qfind.net&toggle=browserjs&uid=MTcwMjgxMzU3OS4xNjU0OjdiOTFhOTQ3N2VkMDAyNDc0NmE1YjVjMWNmMDg3ZGYzYWI5NTNjZWNhMWYyOTYzYzgzNWI1NDU1YThhMTUyNDk6NjU3ZWRmOGIyODYxNw%3D%3D	13.248.148.254	200 OK	20 B
URL GET HTTP/1.1 ww38.qfind.net/track.php?domain=qfind.net&toggle=browserjs&uid=MTcwMjgxMzU3OS4xNjU0OjdiOTFhOTQ3N2VkMDAyNDc0NmE1YjVjMWNmMDg3ZGYzYWI5NTNjZWNhMWYyOTYzYzgzNWI1NDU1YThhMTUyNDk6NjU3ZWRmOGIyODYxNw%3D%3D IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type gzip compressed data, max speed, from Unix - data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=qfind.net&toggle=browserjs&uid=MTcwMjgxMzU3OS4xNjU0OjdiOTFhOTQ3N2VkMDAyNDc0NmE1YjVjMWNmMDg3ZGYzYWI5NTNjZWNhMWYyOTYzYzgzNWI1NDU1YThhMTUyNDk6NjU3ZWRmOGIyODYxNw%3D%3D HTTP/1.1 Host: ww38.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Sun, 17 Dec 2023 11:46:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	ww38.qfind.net/ls.php?t=657edf8b&token=0f334b3ff5fd1661baabcdc10d15fcc022d20b78	13.248.148.254	201 Created	16 B
URL GET HTTP/1.1 ww38.qfind.net/ls.php?t=657edf8b&token=0f334b3ff5fd1661baabcdc10d15fcc022d20b78 IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type JSON data - , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers `GET /ls.php?t=657edf8b&token=0f334b3ff5fd1661baabcdc10d15fcc022d20b78 HTTP/1.1 Host: ww38.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Cookie: GoogleAdServingTest=Good Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 201 Created Date: Sun, 17 Dec 2023 11:46:19 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 657edf8b0a2e5503596eb1e1 Charset: utf-8 Access-Control-Allow-Origin: Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Cmn1CCXgfkN6/GDnVNLobM2Mq2QHZUWmFzRBvbr7VwVLBnGoo8aVev04ZJqaLcf/TCgaQM5blvsCYHUYZX09bA==

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	108.157.217.223	200 OK	11 kB
URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 108.157.217.223:80 ASN #16509 AMAZON-02 Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced - data Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Sat, 16 Dec 2023 17:26:11 GMT Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT Accept-Ranges: bytes ETag: "62b4441b-2c6f" X-Cache: Hit from cloudfront Via: 1.1 5189ed92462b822bc9c8a27ceed0cb4e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: ARN56-P1 X-Amz-Cf-Id: GS8qvzQoLtLpgVeZZ0BZt6YdNMU2TVgX160l1pjiTA5n-Ysa1_BMfg== Age: 66008`

	ww38.qfind.net/favicon.ico	13.248.148.254	200 OK	0 B
URL GET HTTP/1.1 ww38.qfind.net/favicon.ico IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ww38.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 17 Dec 2023 11:46:19 GMT Content-Type: image/x-icon Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes`

	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9	216.58.211.14	200 OK	3.1 kB
URL GET HTTP/2 www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT File type HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, Unicode text, UTF-8 text, with very long lines (14303) Size 3.1 kB (3051 bytes) Hash fa566f0c05ff115db6d748a20b08241a db6298358222068223da05dccbf39581615c2784 981af4d207df2d8511415f700cdadfcabaa0374de04aa081c38d4e0ee8df0c27 HTTP Headers GET /afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Sun, 17 Dec 2023 11:46:19 GMT expires: Sun, 17 Dec 2023 11:46:19 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-rRzk56OSQaFZlGzVtOeuow' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 3051 x-xss-protection: 0 set-cookie: CONSENT=PENDING+277; expires=Tue, 16-Dec-2025 11:46:19 GMT; path=/; domain=.adsensecustomsearchads.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ww38.qfind.net/track.php?domain=qfind.net&caf=1&toggle=answercheck&answer=yes&uid=MTcwMjgxMzU3OS4xNjU0OjdiOTFhOTQ3N2VkMDAyNDc0NmE1YjVjMWNmMDg3ZGYzYWI5NTNjZWNhMWYyOTYzYzgzNWI1NDU1YThhMTUyNDk6NjU3ZWRmOGIyODYxNw%3D%3D	13.248.148.254	200 OK	20 B
URL GET HTTP/1.1 ww38.qfind.net/track.php?domain=qfind.net&caf=1&toggle=answercheck&answer=yes&uid=MTcwMjgxMzU3OS4xNjU0OjdiOTFhOTQ3N2VkMDAyNDc0NmE1YjVjMWNmMDg3ZGYzYWI5NTNjZWNhMWYyOTYzYzgzNWI1NDU1YThhMTUyNDk6NjU3ZWRmOGIyODYxNw%3D%3D IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 File type gzip compressed data, max speed, from Unix - data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=qfind.net&caf=1&toggle=answercheck&answer=yes&uid=MTcwMjgxMzU3OS4xNjU0OjdiOTFhOTQ3N2VkMDAyNDc0NmE1YjVjMWNmMDg3ZGYzYWI5NTNjZWNhMWYyOTYzYzgzNWI1NDU1YThhMTUyNDk6NjU3ZWRmOGIyODYxNw%3D%3D HTTP/1.1 Host: ww38.qfind.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Sun, 17 Dec 2023 11:46:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.97	200 OK	174 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint17:E3:6E:DB:3C:C4:0E:B4:6D:D3:55:1A:70:F8:0B:23:86:54:69:D8 ValidityMon, 20 Nov 2023 08:08:31 GMT - Mon, 12 Feb 2024 08:08:30 GMT File type SVG Scalable Vector Graphics image - , ASCII text, with no line terminators Size 174 B (174 bytes) Hash 11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 16 Dec 2023 21:15:49 GMT expires: Sun, 17 Dec 2023 20:15:49 GMT cache-control: public, max-age=82800 age: 52231 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.97	200 OK	270 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint17:E3:6E:DB:3C:C4:0E:B4:6D:D3:55:1A:70:F8:0B:23:86:54:69:D8 ValidityMon, 20 Nov 2023 08:08:31 GMT - Mon, 12 Feb 2024 08:08:30 GMT File type SVG Scalable Vector Graphics image - , ASCII text, with very long lines (390) Size 270 B (270 bytes) Hash 8959ddcd9712196961d93f58064ed655 62ab1e38e7e9fbf58a04381b76c2d96a9c829f24 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 17 Dec 2023 00:13:50 GMT expires: Sun, 17 Dec 2023 23:13:50 GMT cache-control: public, max-age=82800 age: 41550 last-modified: Thu, 20 Jul 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=k3e8lbewof4c&aqid=i99-ZfC_JY65xdwP88K1-Aw&psid=1167268112&pbt=bs&adbx=375&adby=132&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=588056317&csala=10%7C0%7C413%7C57%7C73&lle=0&ifv=1&hpt=1	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=k3e8lbewof4c&aqid=i99-ZfC_JY65xdwP88K1-Aw&psid=1167268112&pbt=bs&adbx=375&adby=132&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=588056317&csala=10%7C0%7C413%7C57%7C73&lle=0&ifv=1&hpt=1 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=k3e8lbewof4c&aqid=i99-ZfC_JY65xdwP88K1-Aw&psid=1167268112&pbt=bs&adbx=375&adby=132&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=588056317&csala=10%7C0%7C413%7C57%7C73&lle=0&ifv=1&hpt=1 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3bnRIl2Gn1e3NXg7cvi1TA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Sun, 17 Dec 2023 11:46:21 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: CONSENT=PENDING+187; expires=Tue, 16-Dec-2025 11:46:21 GMT; path=/; domain=.adsensecustomsearchads.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=xn2clu602j5r&aqid=i99-ZfC_JY65xdwP88K1-Aw&psid=1167268112&pbt=bv&adbx=375&adby=132&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=588056317&csala=10%7C0%7C413%7C57%7C73&lle=0&ifv=1&hpt=1	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=xn2clu602j5r&aqid=i99-ZfC_JY65xdwP88K1-Aw&psid=1167268112&pbt=bv&adbx=375&adby=132&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=588056317&csala=10%7C0%7C413%7C57%7C73&lle=0&ifv=1&hpt=1 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by http://ww38.qfind.net/?_inv&subid1=20231217-2246-15ed-9104-676bf2cfada9 Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=xn2clu602j5r&aqid=i99-ZfC_JY65xdwP88K1-Aw&psid=1167268112&pbt=bv&adbx=375&adby=132&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=588056317&csala=10%7C0%7C413%7C57%7C73&lle=0&ifv=1&hpt=1 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww38.qfind.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uTuBxJYSqjXoBz4BSgmKRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Sun, 17 Dec 2023 11:46:22 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: CONSENT=PENDING+799; expires=Tue, 16-Dec-2025 11:46:22 GMT; path=/; domain=.adsensecustomsearchads.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/adsense/domains/caf.js	216.58.211.14	200 OK	150 kB
URL GET HTTP/3 www.adsensecustomsearchads.com/adsense/domains/caf.js IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NTdlZGY4YjI4NWVhfHx8MTcwMjgxMzU3OS4xNzU5fGUxMjg1ZThjMzE4YjI2ZmI2NmMxZWQyZTcwYjExZGVhZGQzYThkMmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBmMzM0YjNmZjVmZDE2NjFiYWFiY2RjMTBkMTVmY2MwMjJkMjBiNzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3%7Cs&nocache=8581702813579542&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1702813579543&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=588056317&uio=--&cont=tc&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20231217-2246-15ed-9104-676bf2cfada9 Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT File type ASCII text, with very long lines (1888) Size 150 kB (149504 bytes) Hash 0b5819b903639cc259c92636799d165a 550782cda3c88170ba2ffaf93383216608b6b583 c1ac1d06d35bfdf8b8db5d44948f808101fbb2a428e4308710987615c94fe775 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Sun, 17 Dec 2023 11:46:19 GMT expires: Sun, 17 Dec 2023 11:46:19 GMT cache-control: private, max-age=3600 etag: "11568107927487638084" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by