Report - orofus.com/

Report Overview

Submitted URL
orofus.com/
IP
15.197.130.221
ASN
#16509 AMAZON-02
Submitted
2024-04-18 12:46:13
Access
public
Website Title
orofus.com
Final URL
orofus.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
orofus.com	unknown	unknown	No data	No data	2.3 kB	15 kB	15.197.130.221
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2024-04-18	390 B	12 kB	54.230.241.187
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	343 B	75 kB	142.250.74.164
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02	2024-04-17	2.9 kB	5.0 kB	216.58.211.14
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2024-04-17	995 B	2.1 kB	142.250.74.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 12:45:50	medium	15.197.130.221	Client IP	ET Threatview.io High Confidence Cobalt Strike C2 IP group 3
2024-04-18 12:45:50	medium	15.197.130.221	Client IP	ET Threatview.io High Confidence Cobalt Strike C2 IP group 4

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Forofus.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjIxMTVmZjJmZTFifHx8MTcxMzQ0NDM1MS4yMTA1fDdlMWZkZGUzNDA5MjY1ZjA4YzAzNzFhMDViODQ4ZjNjNjcxYjMzYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwNzQ3MWMxNzAyZWNjYjkyNDdjZGU1NDJkNDgxMGFkNmM1MTlkMmJlfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2686859764326195&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301444%2C17301450%2C17301465%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=6591713444351734&num=0&output=afd_ads&domain_name=orofus.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1713444351736&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=625314022&rurl=http%3A%2F%2Forofus.com%2F	915 B	2024-04-18	2024-04-18
Pretty URL www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Forofus.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjIxMTVmZjJmZTFifHx8MTcxMzQ0NDM1MS4yMTA1fDdlMWZkZGUzNDA5MjY1ZjA4YzAzNzFhMDViODQ4ZjNjNjcxYjMzYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwNzQ3MWMxNzAyZWNjYjkyNDdjZGU1NDJkNDgxMGFkNmM1MTlkMmJlfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2686859764326195&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301444%2C17301450%2C17301465%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=6591713444351734&num=0&output=afd_ads&domain_name=orofus.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1713444351736&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=625314022&rurl=http%3A%2F%2Forofus.com%2F IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:46:19 Last Seen2024-04-18 14:46:19 Times Seen1 Hash e243620afa6e7b9df0e5b7b68c95fcd5 004d4c0a061cf86b5dc67ffd7a5f01312e13c380 c8f66cbbe4efabd143606b8dc6741799d8ce16d82d2a6053840376609b3b1343 Loading...

	orofus.com/	968 B	2023-03-08	2024-05-01
Pretty URL orofus.com/ IP 15.197.130.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24:08 Last Seen2024-05-01 21:38:38 Times Seen27810 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	orofus.com/	8.0 kB	2024-04-18	2024-04-18
Pretty URL orofus.com/ IP 15.197.130.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:46:19 Last Seen2024-04-18 14:46:19 Times Seen1 Hash 9d6909c7571856a387f3cf8095672bcf a2c46dbe8ddb07d9bb0a3829bd898daf7362e0bd 09d9f97ba1b86d3b6cf05db680de1bf626400c4f0eede7f7b5e398329340bade Loading...

	orofus.com/	669 B	2024-04-18	2024-04-18
Pretty URL orofus.com/ IP 15.197.130.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:46:19 Last Seen2024-04-18 14:46:19 Times Seen1 Hash b82fc07ac1a26aa07bd6e51a30fc88a7 813f4f9a9a89ab4e5496227374c1f7160404f9f2 5634834c78a00b1251b6230fd8e22e4260cb474c5fb5ad482320ff890975dc5d Loading...

	orofus.com/	40 B	2023-08-09	2024-05-01
Pretty URL orofus.com/ IP 15.197.130.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-09 10:52:17 Last Seen2024-05-01 21:38:38 Times Seen9036 Hash fca3e6a61d4a07440e4f10c4dbaad8e3 41480802bf872b2d15f9cbcadba025fe326eac03 dfe5c5e10934e7abf7903d4ede3b8fa091c11bef63d675808e6314ec763185ee Loading...

	orofus.com/	483 B	2024-01-04	2024-05-01
Pretty URL orofus.com/ IP 15.197.130.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 10:26:15 Last Seen2024-05-01 21:38:38 Times Seen2850 Hash 18f2edc58d8a7b9e6b82454e8658c157 e5dfdd0fa61b3a5ef68dab382a0ba93e9e7b67fb 2d9b07a0704d92dda4deae88bc582aeb659923c8d44d0e7362e13cb28d88d250 Loading...

	www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true	191 kB	2024-04-17	2024-04-18
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 23:58:01 Last Seen2024-04-18 14:46:19 Times Seen11 Hash 24528720f633677f39208d636a6cd20c 87f189e4734e1b44e54d2e6bd06e323d9966793b f542433a856333d68346504eff591f0e7c1139c27b362820c1076a9693f483cb Loading...

	orofus.com/	50 B	2024-01-04	2024-05-01
Pretty URL orofus.com/ IP 15.197.130.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 10:26:15 Last Seen2024-05-01 21:38:38 Times Seen2812 Hash 1b334e0123cf0cb113092022fb726782 45abb42a6680499daa10d83d2859329de1843de2 42591f96b9a41a7e2e5ecd0240dd7fecdcf03ef8454b57c68f08697474a4b579 Loading...

	www.adsensecustomsearchads.com/adsense/domains/caf.js	191 kB	2024-04-17	2024-04-18
Pretty URL www.adsensecustomsearchads.com/adsense/domains/caf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 21:21:18 Last Seen2024-04-18 14:46:19 Times Seen16 Hash 5056f6d0b7a733c3a301d8a1f2897077 e66c0d932a9b77615e00681d17e79227cdccaef1 6007d24fb865c469007e38b0142d98025210efa204368ff69e230af74743cd45 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	orofus.com/	15.197.130.221		5.8 kB
URL orofus.com/ IP 15.197.130.221:0 ASN #16509 AMAZON-02 File type HTML document, ASCII text, with very long lines (8014) Size 5.8 kB (5819 bytes) Hash 4d7a77b87a737974d7decaf63d2c9d14 5d08bbf44213273ae9f37f90be132456bafb8b9e 783792e2b2fc4a43d2f80efbe8cc2ab99e78cff90b807e28fb38011f59265711 HTTP Headers `GET / HTTP/1.1 Host: orofus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 12:45:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket102 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_q5wKSDCqe5Ti/EXZoRMgJUqwwxQpdJ3ABuaeakedLmYw5J/K9yq7jk058x8ElbfIYhEWES0v83BzauOgwFdxuQ== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Domain: orofus.com X-Subdomain: Content-Encoding: gzip

	orofus.com/	15.197.130.221		5.8 kB
URL orofus.com/ IP 15.197.130.221:0 ASN #16509 AMAZON-02 File type HTML document, ASCII text, with very long lines (8026) Size 5.8 kB (5783 bytes) Hash a6a0e40acfccdaf501c825e87ac33ca1 1cc961337a25fd04456251246e0be7b2fb6b3b26 21adf1d1dec7c475239828aebafb6d8e18c7d1a6db8cb2e4c6877439a84000e0 HTTP Headers `GET / HTTP/1.1 Host: orofus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 12:45:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket102 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_q5wKSDCqe5Ti/EXZoRMgJUqwwxQpdJ3ABuaeakedLmYw5J/K9yq7jk058x8ElbfIYhEWES0v83BzauOgwFdxuQ== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Domain: orofus.com X-Subdomain: Content-Encoding: gzip

	orofus.com/track.php?domain=orofus.com&toggle=browserjs&uid=MTcxMzQ0NDM1MS4xOTYyOjIwMjc0NjljNjlmNTgyMzkwYmI0YWJmZjA0Y2NhNjM5NmVlODE5ZjEwOWM5ZDgwOTAzMTRiNTA4YWE0ZTE4ZjQ6NjYyMTE1ZmYyZmU2NA%3D%3D	15.197.130.221		20 B
URL orofus.com/track.php?domain=orofus.com&toggle=browserjs&uid=MTcxMzQ0NDM1MS4xOTYyOjIwMjc0NjljNjlmNTgyMzkwYmI0YWJmZjA0Y2NhNjM5NmVlODE5ZjEwOWM5ZDgwOTAzMTRiNTA4YWE0ZTE4ZjQ6NjYyMTE1ZmYyZmU2NA%3D%3D IP 15.197.130.221:0 ASN #16509 AMAZON-02 File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers `GET /track.php?domain=orofus.com&toggle=browserjs&uid=MTcxMzQ0NDM1MS4xOTYyOjIwMjc0NjljNjlmNTgyMzkwYmI0YWJmZjA0Y2NhNjM5NmVlODE5ZjEwOWM5ZDgwOTAzMTRiNTA4YWE0ZTE4ZjQ6NjYyMTE1ZmYyZmU2NA%3D%3D HTTP/1.1 Host: orofus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 12:45:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	54.230.241.187		11 kB
URL d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 54.230.241.187:0 ASN #16509 AMAZON-02 File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Wed, 17 Apr 2024 17:26:54 GMT Last-Modified: Thu, 21 Mar 2024 11:48:11 GMT Accept-Ranges: bytes ETag: "65fc1e7b-2c6f" X-Cache: Hit from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: r6-iFjDBFAqj9DdqcGtL8xlw-6Dupor-rN5wXd9O-lxMfn4X4Y0uAQ== Age: 69537`

	orofus.com/ls.php?t=662115ff&token=07471c1702eccb9247cde542d4810ad6c519d2be	15.197.130.221		16 B
URL orofus.com/ls.php?t=662115ff&token=07471c1702eccb9247cde542d4810ad6c519d2be IP 15.197.130.221:0 ASN #16509 AMAZON-02 File type JSON text data Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers `GET /ls.php?t=662115ff&token=07471c1702eccb9247cde542d4810ad6c519d2be HTTP/1.1 Host: orofus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 201 Created Date: Thu, 18 Apr 2024 12:45:51 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 662115ff866877c233008d61 Charset: utf-8 Access-Control-Allow-Origin: Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hCaYzwQfOP6zPFWw9M3fjEFp7DSrgzK6lhg9XyS1CA9a/gjLbHC7Bf3ueXdmEvnBSjWQtW2DJ56oX1EVfDawZw==

	www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true	142.250.74.164		74 kB
URL www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP 142.250.74.164:0 ASN #15169 GOOGLE File type JavaScript source, ASCII text, with very long lines (2247) Size 74 kB (74158 bytes) Hash 24528720f633677f39208d636a6cd20c 87f189e4734e1b44e54d2e6bd06e323d9966793b f542433a856333d68346504eff591f0e7c1139c27b362820c1076a9693f483cb HTTP Headers `GET /adsense/domains/caf.js?abp=1&adsdeli=true HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Thu, 18 Apr 2024 12:45:51 GMT Expires: Thu, 18 Apr 2024 12:45:51 GMT Cache-Control: private, max-age=3600 ETag: "2146039220809097597" X-Content-Type-Options: nosniff Link: <https://syndicatedsearch.goog>; rel="preconnect" Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0

	orofus.com/favicon.ico	15.197.130.221		0 B
URL orofus.com/favicon.ico IP 15.197.130.221:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: orofus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 12:45:51 GMT Content-Type: image/x-icon Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Wed, 17 Apr 2024 09:08:47 GMT ETag: "661f919f-0" Accept-Ranges: bytes`

	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Forofus.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjIxMTVmZjJmZTFifHx8MTcxMzQ0NDM1MS4yMTA1fDdlMWZkZGUzNDA5MjY1ZjA4YzAzNzFhMDViODQ4ZjNjNjcxYjMzYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwNzQ3MWMxNzAyZWNjYjkyNDdjZGU1NDJkNDgxMGFkNmM1MTlkMmJlfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2686859764326195&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301444%2C17301450%2C17301465%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=6591713444351734&num=0&output=afd_ads&domain_name=orofus.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1713444351736&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=625314022&rurl=http%3A%2F%2Forofus.com%2F	216.58.211.14		2.9 kB
URL www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Forofus.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjIxMTVmZjJmZTFifHx8MTcxMzQ0NDM1MS4yMTA1fDdlMWZkZGUzNDA5MjY1ZjA4YzAzNzFhMDViODQ4ZjNjNjcxYjMzYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwNzQ3MWMxNzAyZWNjYjkyNDdjZGU1NDJkNDgxMGFkNmM1MTlkMmJlfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2686859764326195&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301444%2C17301450%2C17301465%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=6591713444351734&num=0&output=afd_ads&domain_name=orofus.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1713444351736&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=625314022&rurl=http%3A%2F%2Forofus.com%2F IP 216.58.211.14:0 ASN #15169 GOOGLE File type HTML document, Unicode text, UTF-8 text, with very long lines (13922) Size 2.9 kB (2939 bytes) Hash 31400beadd93da5d3c5640c0f6bb756c 7746b2695734ecde52995a3d1e749a83dcbbfaaf 950407ffe6759a1d37a9476b5f4f80c0d01b1ef7f92de922f83da972efa68888 HTTP Headers GET /afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Forofus.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjIxMTVmZjJmZTFifHx8MTcxMzQ0NDM1MS4yMTA1fDdlMWZkZGUzNDA5MjY1ZjA4YzAzNzFhMDViODQ4ZjNjNjcxYjMzYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwNzQ3MWMxNzAyZWNjYjkyNDdjZGU1NDJkNDgxMGFkNmM1MTlkMmJlfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2686859764326195&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301444%2C17301450%2C17301465%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=6591713444351734&num=0&output=afd_ads&domain_name=orofus.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1713444351736&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=625314022&rurl=http%3A%2F%2Forofus.com%2F HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Thu, 18 Apr 2024 12:45:51 GMT expires: Thu, 18 Apr 2024 12:45:51 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3MMJkVQxpi6Ovcw20ve5mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2939 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	orofus.com/track.php?domain=orofus.com&caf=1&toggle=answercheck&answer=yes&uid=MTcxMzQ0NDM1MS4xOTYyOjIwMjc0NjljNjlmNTgyMzkwYmI0YWJmZjA0Y2NhNjM5NmVlODE5ZjEwOWM5ZDgwOTAzMTRiNTA4YWE0ZTE4ZjQ6NjYyMTE1ZmYyZmU2NA%3D%3D	15.197.130.221		20 B
URL orofus.com/track.php?domain=orofus.com&caf=1&toggle=answercheck&answer=yes&uid=MTcxMzQ0NDM1MS4xOTYyOjIwMjc0NjljNjlmNTgyMzkwYmI0YWJmZjA0Y2NhNjM5NmVlODE5ZjEwOWM5ZDgwOTAzMTRiNTA4YWE0ZTE4ZjQ6NjYyMTE1ZmYyZmU2NA%3D%3D IP 15.197.130.221:0 ASN #16509 AMAZON-02 File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers `GET /track.php?domain=orofus.com&caf=1&toggle=answercheck&answer=yes&uid=MTcxMzQ0NDM1MS4xOTYyOjIwMjc0NjljNjlmNTgyMzkwYmI0YWJmZjA0Y2NhNjM5NmVlODE5ZjEwOWM5ZDgwOTAzMTRiNTA4YWE0ZTE4ZjQ6NjYyMTE1ZmYyZmU2NA%3D%3D HTTP/1.1 Host: orofus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 12:45:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.97		174 B
URL afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image Size 174 B (174 bytes) Hash 11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 07:37:12 GMT expires: Fri, 19 Apr 2024 06:37:12 GMT cache-control: public, max-age=82800 age: 18520 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.97		270 B
URL afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image Size 270 B (270 bytes) Hash 8959ddcd9712196961d93f58064ed655 62ab1e38e7e9fbf58a04381b76c2d96a9c829f24 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 06:46:39 GMT expires: Fri, 19 Apr 2024 05:46:39 GMT cache-control: public, max-age=82800 age: 21553 last-modified: Thu, 20 Jul 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=9wj2qlwuxb5l&aqid=_xUhZo6hNK2QiM0Pn7ybgAI&psid=1167268112&pbt=bs&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=625314022&csala=7%7C0%7C515%7C70%7C167&lle=0&ifv=1&hpt=1	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=9wj2qlwuxb5l&aqid=_xUhZo6hNK2QiM0Pn7ybgAI&psid=1167268112&pbt=bs&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=625314022&csala=7%7C0%7C515%7C70%7C167&lle=0&ifv=1&hpt=1 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by http://orofus.com/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=9wj2qlwuxb5l&aqid=_xUhZo6hNK2QiM0Pn7ybgAI&psid=1167268112&pbt=bs&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=625314022&csala=7%7C0%7C515%7C70%7C167&lle=0&ifv=1&hpt=1 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-MbcZp8jc1H4lRiVFFKnJJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Thu, 18 Apr 2024 12:45:54 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=a096j1rvmrdl&aqid=_xUhZo6hNK2QiM0Pn7ybgAI&psid=1167268112&pbt=bv&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=625314022&csala=7%7C0%7C515%7C70%7C167&lle=0&ifv=1&hpt=1	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=a096j1rvmrdl&aqid=_xUhZo6hNK2QiM0Pn7ybgAI&psid=1167268112&pbt=bv&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=625314022&csala=7%7C0%7C515%7C70%7C167&lle=0&ifv=1&hpt=1 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by http://orofus.com/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=a096j1rvmrdl&aqid=_xUhZo6hNK2QiM0Pn7ybgAI&psid=1167268112&pbt=bv&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=625314022&csala=7%7C0%7C515%7C70%7C167&lle=0&ifv=1&hpt=1 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://orofus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-s41oZ0--I3skJNWtlLB7cQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Thu, 18 Apr 2024 12:45:54 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML