ww38.qfind.net Open in urlscan Pro
13.248.148.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://enersoi.com/0.6961763733170556
Effective URL:
http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Submission: On January 23 via api (January 23rd 2024, 1:10:20 am UTC) from US — Scanned from US

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 13.248.148.254, located in United States and belongs to AMAZON-02, US. The main domain is ww38.qfind.net.

This is the only time ww38.qfind.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 3	103.224.212.244 103.224.212.244	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
4	13.248.148.254 13.248.148.254	16509 (AMAZON-02) (AMAZON-02)
1	185.53.178.30 185.53.178.30	61969 (TEAMINTER...) (TEAMINTERNET-AS)
1	2600:9000:25f... 2600:9000:25f3:7e00:1d:4618:5c80:21	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
20	9

6 103.224.182.206 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

enersoi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ww16.enersoi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.224.212.244 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-244.above.com

www.qfind.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com

ww38.qfind.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.53.178.30 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

c.parkingcrew.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f3:7e00:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	qfind.net 1 redirects www.qfind.net ww38.qfind.net	24 KB
6	enersoi.com 2 redirects enersoi.com — Cisco Umbrella Rank: 674107 ww16.enersoi.com	31 KB
4	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2528	54 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 9526	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 4684	590 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	52 KB
1	cloudfront.net d38psrni17bvxu.cloudfront.net	12 KB
1	parkingcrew.net c.parkingcrew.net — Cisco Umbrella Rank: 183380	1005 B
20	8

	Domain	Requested by
4	www.adsensecustomsearchads.com	www.google.com www.adsensecustomsearchads.com
4	ww38.qfind.net	www.qfind.net ww38.qfind.net
3	www.qfind.net	1 redirects ww16.enersoi.com www.qfind.net
3	ww16.enersoi.com	1 redirects enersoi.com ww16.enersoi.com
3	enersoi.com	1 redirects enersoi.com
2	afs.googleusercontent.com
1	partner.googleadservices.com	www.google.com
1	www.google.com	ww38.qfind.net
1	d38psrni17bvxu.cloudfront.net	ww38.qfind.net
1	c.parkingcrew.net	ww38.qfind.net
20	10

This site contains links to these domains. Also see Links.

Domain
www.above.com

Subject Issuer	Validity	Valid
*.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Frame ID: B8EDA2F946DF2136F24437E2431505AF
Requests: 16 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NWFmMTFmODcyMmY0fHx8MTcwNTk3MjIxNi40ODYxfGE5ZGQ3Yjc5YWI2ZWNjYzE4NzgyZDYwZmIwYTczMTMyMjZkYjNkNjJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU3MDYyNzQ3NDA5MTg5ZjY5N2VjNmRmMjQyN2ZlODhmMTRjNzFmMTd8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&terms=Norton%20AntiVirus&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C71847096&format=r3%7Cs&nocache=9931705972217203&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=2&u_his=2&u_tz=-600&dt=1705972217204&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=599153014&uio=--&cont=tc&drt=0&jsid=caf&jsv=599153014&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20240123-1210-1625-8acf-a29562b80825&referer=http%3A%2F%2Fwww.qfind.net%2F
Frame ID: FEB0A9866887929DA33D9DB44E791A16
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

qfind.net

Page URL History Show full URLs

http://enersoi.com/0.6961763733170556 Page URL
http://enersoi.com/0.6961763733170556?fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73 Page URL
http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73&fp=6a95b942a7ec... HTTP 302
http://www.qfind.net/?_inv Page URL
http://www.qfind.net/?_inv&fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825 Page URL

Page Statistics

20
Requests

35 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

174 kB
Transfer

422 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.above.com/marketplace/qfind.net
Title: Buy this domain.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://enersoi.com/0.6961763733170556 Page URL
http://enersoi.com/0.6961763733170556?fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73 Page URL
http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73&fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://www.qfind.net/?_inv Page URL
http://www.qfind.net/?_inv&fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://enersoi.com/0.6961763733170556?fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73

Request Chain 4

http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73&fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
http://www.qfind.net/?_inv

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 0.6961763733170556 Show response
enersoi.com/ 1 KB
881 B 176ms
87ms Document
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://enersoi.com/0.6961763733170556
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache /
Resource Hash: 68afcf2abdcb8947e1176c7e4d4c77bd1bae4e2d1e7b5fcfbf2981a7d1b4996b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 586
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 01:10:14 GMT
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK iife.min.js Show response
enersoi.com/js/fingerprint/ 33 KB
14 KB 163ms
82ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://enersoi.com/js/fingerprint/iife.min.js
Requested by: Host: enersoi.com
URL: http://enersoi.com/0.6961763733170556
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache /
Resource Hash: c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

accept-language: en-US,en;q=0.9
Referer: http://enersoi.com/0.6961763733170556
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:10:14 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 05:06:15 GMT
server: Apache
etag: "85c0-60a3dfaaa1fc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
connection: close
accept-ranges: bytes
content-length: 14345

GET
H/1.1

200
OK

0.6961763733170556 Show response
ww16.enersoi.com/
Redirect Chain

http://enersoi.com/0.6961763733170556?fp=6a95b942a7ec833b7747f62ce94ceccf
http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73

1 KB
925 B

189ms
100ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73
Requested by: Host: enersoi.com
URL: http://enersoi.com/0.6961763733170556
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache /
Resource Hash: f925faa7645b73f10e9fed67796996e18d44103dcae0099b7d33b76d556f9d76

Request headers

Referer: http://enersoi.com/0.6961763733170556
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 630
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 01:10:14 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

connection: close
content-length: 2
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 01:10:14 GMT
location: http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73
server: Apache

GET
H/1.1 200
OK iife.min.js Show response
ww16.enersoi.com/js/fingerprint/ 33 KB
14 KB 164ms
84ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://ww16.enersoi.com/js/fingerprint/iife.min.js
Requested by: Host: ww16.enersoi.com
URL: http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache /
Resource Hash: c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:10:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 05:06:15 GMT
server: Apache
etag: "85c0-60a3dfaaa1fc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
connection: close
accept-ranges: bytes
content-length: 14345

GET
H/1.1

200
OK

/ Show response
www.qfind.net/
Redirect Chain

http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73&fp=6a95b942a7ec833b7747f62ce94ceccf
http://www.qfind.net/?_inv

1 KB
870 B

350ms
116ms

Document
text/html

103.224.212.244
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.qfind.net/?_inv
Requested by: Host: ww16.enersoi.com
URL: http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73
Protocol: HTTP/1.1
Server: 103.224.212.244 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-244.above.com
Software: Apache /
Resource Hash: ca5533a6c7fdf84f9fd60a1f3552cbbd8c5a89b2629d730e6a723cc6033d93ca

Request headers

Referer: http://ww16.enersoi.com/0.6961763733170556?sub1=20240123-1210-144b-a560-80cc57c9ea73
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 575
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 01:10:15 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 01:10:15 GMT
location: http://www.qfind.net?_inv
server: Apache

GET
H/1.1 200
OK iife.min.js Show response
www.qfind.net/js/fingerprint/ 33 KB
14 KB 173ms
87ms Script
application/javascript 103.224.212.244
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.qfind.net/js/fingerprint/iife.min.js
Requested by: Host: www.qfind.net
URL: http://www.qfind.net/?_inv
Protocol: HTTP/1.1
Server: 103.224.212.244 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-244.above.com
Software: Apache /
Resource Hash: c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.qfind.net/?_inv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:10:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 05:06:15 GMT
server: Apache
etag: "85c0-60a3dfaaa1fc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
connection: close
accept-ranges: bytes
content-length: 14345

GET
H/1.1

200
OK

Primary Request / Show response
ww38.qfind.net/
Redirect Chain

http://www.qfind.net/?_inv&fp=6a95b942a7ec833b7747f62ce94ceccf
http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825

15 KB
6 KB

245ms
190ms

Document
text/html

13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Requested by: Host: www.qfind.net
URL: http://www.qfind.net/?_inv
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 5bff41eb9f773eec962beb58a25f5cb7ab5ee58d2f40332106a308675e06ed80

Request headers

Referer: http://www.qfind.net/?_inv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Jan 2024 01:10:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_g72i4HkqL1vSVb4zxVlYmMVK19HgBkX/RV3ZFOUo2pVsTbUoa1qwso+/yBe/aReiR3CUCoiDnqH4jcxMFtZUHA==
X-Domain: qfind.net
X-Subdomain: ww38

Redirect headers

connection: close
content-length: 2
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 01:10:16 GMT
location: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
server: Apache

GET
H/1.1 200
OK sale_form.js Show response
c.parkingcrew.net/scripts/ 761 B
1005 B 360ms
232ms Script
application/javascript 185.53.178.30
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.parkingcrew.net/scripts/sale_form.js
Requested by: Host: ww38.qfind.net
URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Protocol: HTTP/1.1
Server: 185.53.178.30 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 01:10:16 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
ETag: "5ebab1f0-2f9"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 761

GET
H/1.1 200
OK track.php Show response
ww38.qfind.net/ 0
608 B 151ms
151ms XHR
text/html 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.qfind.net/track.php?domain=qfind.net&toggle=browserjs&uid=MTcwNTk3MjIxNi40Njc4OjRmYTZlNWRlYjE0ODY0ZTdjZThmNzlkNGFhMzg1YzJhY2E1MzhmODcyYjlmNDliZGE4OWNjOTA3NmFjOWFiYjQ6NjVhZjExZjg3MjMzMw%3D%3D
Requested by: Host: ww38.qfind.net
URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 01:10:17 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: browserjs
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-CH-Lifetime: 30
Connection: keep-alive

GET
H/1.1 200
OK arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/ 11 KB
12 KB 98ms
31ms Image
image/png 2600:9000:25f3:7e00:1d:4618:5c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by: Host: ww38.qfind.net
URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Protocol: HTTP/1.1
Server: 2600:9000:25f3:7e00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 11:40:29 GMT
Via: 1.1 a6eabcce56b55417b8ac9fcb21e00bf6.cloudfront.net (CloudFront)
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Server: nginx
X-Amz-Cf-Pop: CMH68-P3
Age: 48588
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11375
X-Amz-Cf-Id: 6lmM21-YQRUWDesURtqvKu56d3r38Sm2pber-QguWLHLaIjjHGQ24g==

GET
H/1.1 201
Created ls.php Show response
ww38.qfind.net/ 16 B
865 B 154ms
153ms XHR
text/javascript 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.qfind.net/ls.php?t=65af11f8&token=57062747409189f697ec6df2427fe88f14c71f17
Requested by: Host: ww38.qfind.net
URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 01:10:17 GMT
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding: chunked
Accept-CH-Lifetime: 30
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods: POST, OPTIONS
Charset: utf-8
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Ms8rEQoILTuBbfvdjLM5TwgvKUsyuHyS210pp/rACW13jaebpGBXZKDoz3E7r8bmhtFF0yQprNzB9mIugeE0YA==
Connection: keep-alive

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 140 KB
52 KB 70ms
42ms Script
text/javascript 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js?abp=1

Requested by

Host: ww38.qfind.net
URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825

Protocol

HTTP/1.1

Server

2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b1327a1bf66837d014af75cc07b4a1f26655152242e7e144a2db2b3ede206c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 01:10:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "14174251662892664561"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires: Tue, 23 Jan 2024 01:10:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 372 B
590 B 103ms
40ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww38.qfind.net&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff15cd5818e2b57f59d7c0df3f055b10ba2f2de9fb3174a74478a99ad4c08765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 238
x-xss-protection: 0

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame FEB0 10 KB
3 KB 180ms
120ms Document
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NWFmMTFmODcyMmY0fHx8MTcwNTk3MjIxNi40ODYxfGE5ZGQ3Yjc5YWI2ZWNjYzE4NzgyZDYwZmIwYTczMTMyMjZkYjNkNjJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU3MDYyNzQ3NDA5MTg5ZjY5N2VjNmRmMjQyN2ZlODhmMTRjNzFmMTd8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&terms=Norton%20AntiVirus&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C71847096&format=r3%7Cs&nocache=9931705972217203&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=2&u_his=2&u_tz=-600&dt=1705972217204&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=599153014&uio=--&cont=tc&drt=0&jsid=caf&jsv=599153014&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20240123-1210-1625-8acf-a29562b80825&referer=http%3A%2F%2Fwww.qfind.net%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

b1fcfc820ec96d224eff47f191a0a4a342b384f5ec146d33df41b01e60c2dcc6

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-7HHHsGKyWPAtB_bJ__XzXQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: http://ww38.qfind.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2710
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-7HHHsGKyWPAtB_bJ__XzXQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 23 Jan 2024 01:10:17 GMT
expires: Tue, 23 Jan 2024 01:10:17 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 caf.js Show response
www.adsensecustomsearchads.com/adsense/domains/ Frame FEB0 140 KB
51 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=2

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww38.qfind.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NWFmMTFmODcyMmY0fHx8MTcwNTk3MjIxNi40ODYxfGE5ZGQ3Yjc5YWI2ZWNjYzE4NzgyZDYwZmIwYTczMTMyMjZkYjNkNjJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU3MDYyNzQ3NDA5MTg5ZjY5N2VjNmRmMjQyN2ZlODhmMTRjNzFmMTd8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&terms=Norton%20AntiVirus&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2368613153659048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C71847096&format=r3%7Cs&nocache=9931705972217203&num=0&output=afd_ads&domain_name=ww38.qfind.net&v=3&bsl=8&pac=2&u_his=2&u_tz=-600&dt=1705972217204&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=599153014&uio=--&cont=tc&drt=0&jsid=caf&jsv=599153014&rurl=http%3A%2F%2Fww38.qfind.net%2F%3F_inv%26subid1%3D20240123-1210-1625-8acf-a29562b80825&referer=http%3A%2F%2Fwww.qfind.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

820ae30c1a8365a8b79e11dfbe1c02bbc5c5b896f2346e9faea117f6fe5d2d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "707281540178553346"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 23 Jan 2024 01:10:17 GMT

GET
H/1.1 200
OK track.php Show response
ww38.qfind.net/ 0
610 B 148ms
148ms XHR
text/html 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.qfind.net/track.php?domain=qfind.net&caf=1&toggle=answercheck&answer=yes&uid=MTcwNTk3MjIxNi40Njc4OjRmYTZlNWRlYjE0ODY0ZTdjZThmNzlkNGFhMzg1YzJhY2E1MzhmODcyYjlmNDliZGE4OWNjOTA3NmFjOWFiYjQ6NjVhZjExZjg3MjMzMw%3D%3D
Requested by: Host: ww38.qfind.net
URL: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/?_inv&subid1=20240123-1210-1625-8acf-a29562b80825
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 01:10:17 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: answercheck
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-CH-Lifetime: 30
Connection: keep-alive

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame FEB0 391 B
794 B 89ms
27ms Image
image/svg+xml 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 23:47:14 GMT
age: 4983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Tue, 23 Jan 2024 22:47:14 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame FEB0 200 B
289 B 89ms
28ms Image
image/svg+xml 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 07:02:48 GMT
age: 65249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Tue, 23 Jan 2024 06:02:48 GMT

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 50ms
49ms Image
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=719skehlltr0&aqid=-RGvZYLRE8HNnboPw-eyqAM&psid=1167268112&pbt=bs&adbx=535&adby=132&adbh=176&adbw=530&adbah=160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=599153014&csala=4%7C0%7C195%7C82%7C161&lle=0&ifv=1&hpt=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-0QmXTav0H0nivmmohUwbww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-0QmXTav0H0nivmmohUwbww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 23 Jan 2024 01:10:19 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 50ms
49ms Image
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=hb9utzs7spmw&aqid=-RGvZYLRE8HNnboPw-eyqAM&psid=1167268112&pbt=bv&adbx=535&adby=132&adbh=176&adbw=530&adbah=160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=599153014&csala=4%7C0%7C195%7C82%7C161&lle=0&ifv=1&hpt=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-w5R7SmaPlwzQzHoLU5B6SQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ww38.qfind.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-w5R7SmaPlwzQzHoLU5B6SQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 23 Jan 2024 01:10:19 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
enersoi.com/	1970-01-21 03:28:52	Name: __tad Value: 1705972214.6751692
ww16.enersoi.com/	1970-01-21 03:28:52	Name: __tad Value: 1705972214.1483831
www.qfind.net/	1970-01-21 03:28:52	Name: __tad Value: 1705972215.3302019
.qfind.net/	1970-01-21 03:14:28	Name: __gsas Value: ID=3fc539dc28658a82:T=1705972217:RT=1705972217:S=ALNI_MZVMppEcBlhUCc_0WKCb0Tobmv-oQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://www.google.com/adsense/domains/caf.js?abp=1(Line 198) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
c.parkingcrew.net
d38psrni17bvxu.cloudfront.net
enersoi.com
partner.googleadservices.com
ww16.enersoi.com
ww38.qfind.net
www.adsensecustomsearchads.com
www.google.com
www.qfind.net
103.224.182.206
103.224.212.244
13.248.148.254
185.53.178.30
2600:9000:25f3:7e00:1d:4618:5c80:21
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2004
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
5bff41eb9f773eec962beb58a25f5cb7ab5ee58d2f40332106a308675e06ed80
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
68afcf2abdcb8947e1176c7e4d4c77bd1bae4e2d1e7b5fcfbf2981a7d1b4996b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
820ae30c1a8365a8b79e11dfbe1c02bbc5c5b896f2346e9faea117f6fe5d2d21
87b1327a1bf66837d014af75cc07b4a1f26655152242e7e144a2db2b3ede206c
b1fcfc820ec96d224eff47f191a0a4a342b384f5ec146d33df41b01e60c2dcc6
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca5533a6c7fdf84f9fd60a1f3552cbbd8c5a89b2629d730e6a723cc6033d93ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
f925faa7645b73f10e9fed67796996e18d44103dcae0099b7d33b76d556f9d76
ff15cd5818e2b57f59d7c0df3f055b10ba2f2de9fb3174a74478a99ad4c08765

ww38.qfind.net Open in urlscan Pro 13.248.148.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

35 %HTTPS

56 %IPv6

8 Domains

10 Subdomains

9 IPs

3 Countries

174 kBTransfer

422 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

ww38.qfind.net Open in urlscan Pro
13.248.148.254 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

35 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

174 kB
Transfer

422 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions