www.easysurf.cc Open in urlscan Pro
66.226.154.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.easysurf.cc/ndate6.htm
Submission: On March 21 via manual (March 21st 2024, 6:02:48 pm UTC) from US — Scanned from CA

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 55 HTTP transactions. The main IP is 66.226.154.44, located in Canada and belongs to IN2NET-NETWORK, CA. The main domain is www.easysurf.cc.
TLS certificate: Issued by R3 on March 9th 2024. Valid for: 3 months.

This is the only time www.easysurf.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	66.226.154.44 66.226.154.44	26753 (IN2NET-NE...) (IN2NET-NETWORK)
16	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	18.208.5.78 18.208.5.78	14618 (AMAZON-AES) (AMAZON-AES)
1	2602:fc8e:0:6... 2602:fc8e:0:688e:150::214	399522 (TP) (TP)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
3 4	142.251.179.156 142.251.179.156	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	44.205.158.91 44.205.158.91	14618 (AMAZON-AES) (AMAZON-AES)
2	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::94	15169 (GOOGLE) (GOOGLE)
3	2600:9000:24f... 2600:9000:24f4:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2	14618 (AMAZON-AES) (AMAZON-AES)
55	15

5 66.226.154.44 (Canada)

ASN26753 (IN2NET-NETWORK, CA)
PTR: host-66-226-154-44.in2net.com

www.easysurf.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.5.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-5-78.compute-1.amazonaws.com

t1.extreme-dm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e2.extreme-dm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:fc8e:0:688e:150::214 (United States)

ASN399522 (TP, US)

www.easy2surf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9b (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.179.156 (Farmingdale, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: pd-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.114 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.205.158.91 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-158-91.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.156 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::94 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24f4:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	406 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1070 static.adsafeprotected.com — Cisco Umbrella Rank: 895 dt.adsafeprotected.com — Cisco Umbrella Rank: 825	106 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 353 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 648	53 KB
5	easysurf.cc www.easysurf.cc	102 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 371	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1179	2 KB
2	extreme-dm.com t1.extreme-dm.com — Cisco Umbrella Rank: 243989 e2.extreme-dm.com — Cisco Umbrella Rank: 682109	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 413	14 KB
1	easy2surf.com www.easy2surf.com	206 B
0	google.com Failed www.google.com Failed
0	sitemeter.com Failed sm2.sitemeter.com Failed
55	11

	Domain	Requested by
16	pagead2.googlesyndication.com	www.easysurf.cc pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	dt.adsafeprotected.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	www.easysurf.cc	www.easysurf.cc
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	e2.extreme-dm.com	www.easysurf.cc
1	www.easy2surf.com	www.easysurf.cc
1	t1.extreme-dm.com	www.easysurf.cc
0	www.google.com Failed	tpc.googlesyndication.com
0	sm2.sitemeter.com Failed	www.easysurf.cc
55	17

This site contains links to these domains. Also see Links.

Domain
extremetracking.com

Subject Issuer	Validity	Valid
www.easysurf.cc R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
t1.extreme-dm.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
easy2surf.com cPanel, Inc. Certification Authority	`2024-01-10` - `2024-04-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.easysurf.cc/ndate6.htm
Frame ID: 0DDC059D8E5C400ABE73ED47009B48CA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&h=90&adk=1055023138&adf=2653041513&w=728&lmt=1703960508&ad_type=text_image&format=728x90_as&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163328&bpp=311&bdt=675&idt=681&shv=r20240319&mjsv=m202403180101&ptt=5&saldr=sd&abxe=1&correlator=805795834212&frm=20&pv=2&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=695
Frame ID: AB7DBE76937609BA1CB75941BACD704F
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&adk=1812271804&adf=3025194257&lmt=1703960508&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&pra=7&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163639&bpp=2&bdt=987&idt=406&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90_as&nras=1&correlator=805795834212&frm=20&pv=1&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=418
Frame ID: 30E8A8DE14DEA6EF8CCB44FB134A23CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjMexCNgt-oAxjsheGHAjAB&v=APEucNXiEIGXlhZnv3kwPd5VU7x5vLrQDMu1lBA-ljKl6jmwzymfqwjisfrbl90fTbamD4u4gBocIEzMzwJF9GoIFGxpPr0yQg
Frame ID: CFACCE969C2EF0DE3A755A551F46A5FE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2463144CFC95B1C780F74799D269B1D5
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 39542E04181384861DE7F1B8403838C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5789C16B6E2BE11CB86A19F7C3E1E55
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A886E0C31C815D61A55A999E12A79B26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Full Year Reference Calendar - Day of the Year and Days left till the End of the Year

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

55
Requests

87 %
HTTPS

50 %
IPv6

11
Domains

17
Subdomains

15
IPs

3
Countries

683 kB
Transfer

1758 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://extremetracking.com/open?login=easysur2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1

Request Chain 20

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zfx2RdHM50kAAFVdAN2OhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1

Request Chain 21

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC7ap6zJT5W1YUF4JuObFfU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEC7ap6zJT5W1YUF4JuObFfU%26google_cver%3D1

Request Chain 22

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYzMDI4MDE2MTAwNjgzNDk2Ng%3D%3D

Request Chain 39

https://fw.adsafeprotected.com/rfw/st/1976935/78579772/skeleton.js?bundleId=${BUNDLE_ID}&bidurl=https://www.easysurf.cc/ndate6.htm&adsafe_url=https%3A%2F%2Fwww.easysurf.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.easysurf.cc%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3970496540640230%26output%3Dhtml%26h%3D90%26adk%3D1055023138%26adf%3D2653041513%26w%3D728%26lmt%3D1703960508%26ad_type%3Dtext_image%26format%3D728x90_as%26url%3Dhttps%253A%252F%252Fwww.easysurf.cc%252Fndate6.htm%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1711044163328%26bpp%3D311%26bdt%3D675%26idt%3D681%26shv%3Dr20240319%26mjsv%3Dm202403180101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26correlator%3D805795834212%26frm%3D20%26pv%3D2%26ga_vid%3D300381148.1711044164%26ga_sid%3D1711044164%26ga_hid%3D1492391573%26ga_fc%3D0%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D8%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31081575%252C44795921%252C95326315%252C95320377%252C21065724%26oid%3D2%26pvsid%3D84261904384178%26tmod%3D177070321%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D695&adsafe_type=d&adsafe_jsinfo=,id:e3482acc-f022-00a5-570a-cabfd689e05c,c:7AdNC1,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6c45d7cb47-bbb6p,rg:va,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:758,mot:0,app:0,maw:0,tdt:s,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:788,oid:38a01e77-e7ad-11ee-8bff-2e341b16cdc3,v:19.8.491,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ndate6.htm Show response
www.easysurf.cc/ 92 KB
92 KB 601ms
192ms Document
text/html 66.226.154.44
IN2NET-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.226.154.44 , Canada, ASN26753 (IN2NET-NETWORK, CA),
Reverse DNS: host-66-226-154-44.in2net.com
Software: Apache /
Resource Hash: 470c7991b02c2431aa53c7849bc816d6b5683db59aea8f980ca5bff94bb6c6b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 94050
Content-Type: text/html
Date: Thu, 21 Mar 2024 18:00:41 GMT
Keep-Alive: timeout=2, max=100
Last-Modified: Sat, 30 Dec 2023 18:21:48 GMT
Server: Apache

GET
H/1.1 200
OK brd.js Show response
www.easysurf.cc/ 321 B
575 B 350ms
131ms Script
application/javascript 66.226.154.44
IN2NET-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.easysurf.cc/brd.js
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.226.154.44 , Canada, ASN26753 (IN2NET-NETWORK, CA),
Reverse DNS: host-66-226-154-44.in2net.com
Software: Apache /
Resource Hash: 4c0d826793d0af5801431687b6d47fb847da2c50ef0cc8226dbcf8b22dc6d501

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/ndate6.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:00:41 GMT
Last-Modified: Fri, 01 Apr 2016 17:29:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 321

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
11 KB 616ms
208ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60528ea72a21de82133d216689a4b8e75435f77cc02a1e6f48214f7f6142bd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10532
x-xss-protection: 0
server: cafe
etag: 6157158338501945558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:02:43 GMT

GET
H/1.1 200
OK eee.js Show response
www.easysurf.cc/ 174 B
429 B 550ms
202ms Script
application/javascript 66.226.154.44
IN2NET-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.easysurf.cc/eee.js
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.226.154.44 , Canada, ASN26753 (IN2NET-NETWORK, CA),
Reverse DNS: host-66-226-154-44.in2net.com
Software: Apache /
Resource Hash: 8e49d476b18cc9d06d8fc96d75cc1f3ccca6bc8eb813ff4cc1b98fb82f870812

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/ndate6.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:00:41 GMT
Last-Modified: Fri, 01 Apr 2016 17:30:25 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 174

GET
H/1.1 200
OK i.gif
t1.extreme-dm.com/ 1004 B
1 KB 513ms
95ms Image
image/gif 18.208.5.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.extreme-dm.com/i.gif
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-5-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5aadfd697417ac1e5e545943d8cb8ee9e8e9ed3fa9ed9b3f65bff9fb329dac01

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:02:43 GMT
Last-Modified: Thu, 26 Feb 2004 13:56:07 GMT
Server: nginx
ETag: "403dfaf7-3ec"
Content-Type: image/gif
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004
Expires: Fri, 05 Apr 2024 18:02:43 GMT

GET
H/1.1 200
OK dtcount.cgi
www.easy2surf.com/cgi-bin/ 0
206 B 2626ms
2200ms Image
text/html 2602:fc8e:0:688e:150::214
TP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.easy2surf.com/cgi-bin/dtcount.cgi
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2602:fc8e:0:688e:150::214 , United States, ASN399522 (TP, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:02:43 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK style6.css
www.easysurf.cc/ 426 B
666 B 131ms
131ms Stylesheet
text/css 66.226.154.44
IN2NET-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.easysurf.cc/style6.css
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/brd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.226.154.44 , Canada, ASN26753 (IN2NET-NETWORK, CA),
Reverse DNS: host-66-226-154-44.in2net.com
Software: Apache /
Resource Hash: a086f4abc4c1cc607c89e868c7254223f80bef9b021b86b9ed3d2a7a69cc435b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/ndate6.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:00:41 GMT
Last-Modified: Fri, 01 Apr 2016 17:32:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 426

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 216ms
215ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61e5cfecd440fd93c10638272eab4c88dddc70391d2d2e3d9aabda4728114a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51103
x-xss-protection: 0
server: cafe
etag: 135389586489026759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 18:02:43 GMT

GET counter.js
sm2.sitemeter.com/js/ 0
0

GET
H/1.1 200
OK s11.g
e2.extreme-dm.com/ 43 B
224 B 495ms
94ms Image
image/gif 18.208.5.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e2.extreme-dm.com/s11.g?login=easysur2&jv=n&j=y&srw=1600&srb=24&l=
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-5-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:02:43 GMT
Cache-Control: no-store,must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK weave.jpg
www.easysurf.cc/ 8 KB
8 KB 128ms
128ms Image
image/jpeg 66.226.154.44
IN2NET-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.easysurf.cc/weave.jpg
Requested by: Host: www.easysurf.cc
URL: https://www.easysurf.cc/ndate6.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.226.154.44 , Canada, ASN26753 (IN2NET-NETWORK, CA),
Reverse DNS: host-66-226-154-44.in2net.com
Software: Apache /
Resource Hash: d6e7a0c94280e04cf9d83f675dd46e3f69f368c9c921ffde6d5f5bd11e082701

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/ndate6.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 18:00:42 GMT
Last-Modified: Fri, 01 Apr 2016 17:33:04 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 7801

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 214ms
213ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c450d4e740242b791944454e9f5ab64045d6f6fc45ad64701af185b0e84aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141448
x-xss-protection: 0
server: cafe
etag: 2249117642345348119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:02:43 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB7D 21 KB
10 KB 1015ms
608ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&h=90&adk=1055023138&adf=2653041513&w=728&lmt=1703960508&ad_type=text_image&format=728x90_as&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163328&bpp=311&bdt=675&idt=681&shv=r20240319&mjsv=m202403180101&ptt=5&saldr=sd&abxe=1&correlator=805795834212&frm=20&pv=2&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=695

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99ca266a121f3788c7a2e7fa63a080914662fb9841bcd9ff3761b4c688338973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easysurf.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9863
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 18:02:44 GMT
expires: Thu, 21 Mar 2024 18:02:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30E8 1 KB
934 B 581ms
207ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&adk=1812271804&adf=3025194257&lmt=1703960508&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&pra=7&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163639&bpp=2&bdt=987&idt=406&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90_as&nras=1&correlator=805795834212&frm=20&pv=1&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=418

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81c6726876739f9c6dcfcc8b69a291b310a94289034435a7a492ab1a2ece101c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easysurf.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 18:02:44 GMT
expires: Thu, 21 Mar 2024 18:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB7D 42 B
63 B 173ms
172ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9rvsuuV1GGiwviBKNOg-GEldPzu2GHdjdQwXHNfdwjWdZsWWRom-tqYIyZVs6F82eZZ58vPRhxVmB07gzWvOgb7LHEJ5kr4hKZ4hwSHo9cr0LXMY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&h=90&adk=1055023138&adf=2653041513&w=728&lmt=1703960508&ad_type=text_image&format=728x90_as&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163328&bpp=311&bdt=675&idt=681&shv=r20240319&mjsv=m202403180101&ptt=5&saldr=sd&abxe=1&correlator=805795834212&frm=20&pv=2&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=695

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AB7D 94 KB
33 KB 225ms
224ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:02:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame AB7D 3 KB
1 KB 557ms
150ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:20:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame AB7D 20 KB
9 KB 555ms
146ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:20:24 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CFAC 624 B
531 B 182ms
181ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjMexCNgt-oAxjsheGHAjAB&v=APEucNXiEIGXlhZnv3kwPd5VU7x5vLrQDMu1lBA-ljKl6jmwzymfqwjisfrbl90fTbamD4u4gBocIEzMzwJF9GoIFGxpPr0yQg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&h=90&adk=1055023138&adf=2653041513&w=728&lmt=1703960508&ad_type=text_image&format=728x90_as&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163328&bpp=311&bdt=675&idt=681&shv=r20240319&mjsv=m202403180101&ptt=5&saldr=sd&abxe=1&correlator=805795834212&frm=20&pv=2&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=695
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 18:02:45 GMT
expires: Thu, 21 Mar 2024 18:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AB7D 206 KB
62 KB 130ms
130ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:27:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:27:14 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1

43 B
340 B

127ms
126ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjMexCNgt-oAxjsheGHAjAB&v=APEucNXiEIGXlhZnv3kwPd5VU7x5vLrQDMu1lBA-ljKl6jmwzymfqwjisfrbl90fTbamD4u4gBocIEzMzwJF9GoIFGxpPr0yQg
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaSsGQPVubMCF9IP7E1CAY7WBGZtZozU7Jwj2iWozK5CjHzromSv%2FPEmCEPaE1MwbWaAvPBcsdceL8%2Fk9pMX8mxdzxcYfuMQKq%2Bgxlq8o6x6E93jC9wdJmlmt9j8GqZCxnhU%2FJpbLx%2Bdww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867fdad40c3f38e2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CFAC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zfx2RdHM50kAAFVdAN2OhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1

43 B
770 B

106ms
105ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjMexCNgt-oAxjsheGHAjAB&v=APEucNXiEIGXlhZnv3kwPd5VU7x5vLrQDMu1lBA-ljKl6jmwzymfqwjisfrbl90fTbamD4u4gBocIEzMzwJF9GoIFGxpPr0yQg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHrBBLxT3Y0xYzvqjh5DdgeLscJW9b9wcRNKRyk%2BGmh8crQ%2BKgXUn3T%2B1qn2neDw9GIRy706jLkOY0mwvVGx60NZ3h1RxwtahIcD4AitMoZtyaS60Z6Y72AF4xpoj1WBTjrQ8B9Wx%2B517w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867fdad4f9ab36a8-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENY8E-3UM_bTefirCdav_cE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame CFAC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC7ap6zJT5W1YUF4JuObFfU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEC7ap6zJT5W1YUF4JuObFfU%26google_cver%3D1

43 B
1 KB

172ms
172ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEC7ap6zJT5W1YUF4JuObFfU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjMexCNgt-oAxjsheGHAjAB&v=APEucNXiEIGXlhZnv3kwPd5VU7x5vLrQDMu1lBA-ljKl6jmwzymfqwjisfrbl90fTbamD4u4gBocIEzMzwJF9GoIFGxpPr0yQg

Protocol

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
an-x-request-uuid: afce5581-c913-41cc-9986-5fab1c7f18cc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 166.0.205.88; 166.0.205.88; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
an-x-request-uuid: ede5bf41-6368-455b-8cdc-419debdc4154
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEC7ap6zJT5W1YUF4JuObFfU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 166.0.205.88; 166.0.205.88; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CFAC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYzMDI4MDE2MTAwNjgzNDk2Ng%3D%3D

170 B
243 B

114ms
114ms

Image
image/png

142.251.179.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYzMDI4MDE2MTAwNjgzNDk2Ng%3D%3D

Requested by

Protocol

Server

142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
an-x-request-uuid: 978642a9-0726-4e86-b976-e5dbd497ba37
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYzMDI4MDE2MTAwNjgzNDk2Ng%3D%3D
x-proxy-origin: 166.0.205.88; 166.0.205.88; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB7D 0
20 B 186ms
186ms Ping
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9325945269264&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB7D 0
20 B 171ms
171ms Ping
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9325945269264&version=m202402290101&ct=76&x=1&cor=7872330915680320000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AB7D 93 KB
40 KB 166ms
165ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq7yFxhkC7RHfSkc_nPhOB9H91XjGiy7IMZJFbXzgE9VAdoqaj04952_KzNpNAUJ4IzkurhzRtPT40OnjXZv5xQPs-ZX2G8hv54jXwgLh9bDe2S1AnIFhx-5Y0R4TJQhVM-S94dM96AELRMHsK0JAE1rE8NLn_Nm7wEyai-Zy99Rvuw-bGCm99isvf-83_qYbobBYR0FdJQPxdIYaLLGkjdL7hKw&dbm_d=AKAmf-Cx0vEOmxfK2_kAHRvxSFgIp1xSv1WU_E6hkMD2KnJd6Zon0Shhmvt0fh8AW5jP8O7TlTmfsZFuEbPfuXtzkpPJRqdGllMznz8OP__Y_qwVLBGZD_DTxQ-QoPI3uzb9nUcw84j98dBqO7tAH0vgwiFUA4LukYCOFyKYQujuFXEFOX9EhSRrLU3tGBGI7LBsyWfsb6K7lFeiWSXGxk156Kps9cBC6dgfI4I53ZzKoxLu1fxA0MPcd-sX1GxoN57TOuSYVI8-F2E4t4ZJzg8MddoMyglHaPFcIDp5lGwZP5SLc64oyOnH1cEuQjz-_NHT45i0T8giGF1BQEMu7mTh2FCfQ22L19HHMEUOR_JXn9Mep8-bSjsMK5w_3YYgn65qohFcXU_Xj1cIfjmTx-n-bohaTi_3Nx1bW7oPm8NZbGeqq8nOBiWFaDIHfn5cRtZMyTt0cHdeaUId8JxZxi-iugOPtNo3Fsf4PzEsXiRHFx46ZAmAjhDkCpd1w7qw0ZEBWwBUG4PAnSijZ93y9cXUiKCkSIPzlpTxn0Pb6dP_Hsoz-IKlfnb6t_o2--ZnDU1H4ZIT7tM0ibcTF6lnZgpax23HhQP57Z6Xvwisx79Ch-Q6UgEYqSlHfUNH-OpcR6RtUmz_mtE35JVajtQhwDNZoRaY1MrHSJeuK0nfa3WZpsCzeTJ-2jPO_oy8JADBpVLwZ0G0mI_MPPcQ1LPkLfHE3dzvQ5lP1voAy_TXMqauDHd_eqmol-efmBUUf8LcQGTgQtXlS1ZTw3HvmZVSFOws3rirMf_vW3FwSdjlsz0OnBXtzKkUOFOCjLGIL2XWg7LE5ulgo900YdVVMT5Fw8kXfkWI9ytsNbvEvo1YXmAKl-Yghczd-KAVBbqXSoxAaadCLKnpL96UbjFoGubh4T3kUV04TkGH2HFaNx4FFMtX-QqOYXxixDWlEwiSDl5AxdJhENW_PyeDBwZeJ37ymgVz5ZaBzl8sPen8fBoV3Xmjs-bcGCaZmcMHIb-1L6HXazhHo21-rCpRX7P26g6DMcwYWofwNmPRGiDxoACMqWZNLUXCJBbiVezYrgvEB8H6hVcetGkUQMito8oZMnXjnsyqAHYimM8Zusi7n0uSHM67UAoyR1rHX-jytNAIpTanKjcaSWlnv9igwZiTwEum626NPl4PDK6ei_WcC2_b6FmhNJ7V2cQ99wK8QMde3iNZ7_CnXsznm5Eb9L9Fem40FV9JEkh7I4lBEezR0foRwSWuebPlfXAiYslywcpBfp5BmPzOkV93gJyA9JcO2xdAA2xSlt-f3bo0YsDmWFII6jx_DtD4YwmSCQciMvILu06HRTU80tB4KIZp8vef9CIeysFmYe84a2Imz_3pkLIPQzHlJbuyQoQbzGv-_OxYLZ8WcSatKMsmJmh-zcROLeNsYyGYs0u0p-dm_wixecd9TTFI6Zq7FJ0PBx2iJQV0sj749J-ZOaDf3yv0dIcEHNPFV2FXTLyrXWhDv5A0_pIbXcq-k52zMpnU6I_z7fCnW11nI6SWzWmeBcWKY3crbyHwPLyQXYYelvK-QAg4-eyEfAtKepab-6K9GRzmztG4_l2sGIXRBmselD6jJEUVtZnTfiY4Yoc_KbDmrJrUvF0IyPnG51Oi3do_NK0KnO8v2dZ3nUdVZTzV4iFZ8TJsJHbespsmaW9JqPph7IX5UMQzWqLLslI2kzFYCp4KFeo7-u3nDqWPQALwszuOsk_WqidMj-tasmA4_xzr3HiAcgAUetLpX8e9AM5wPHZGAk6kHp8P4sHIA5sCJlPfsdsg2pZ-jdZ-E7o1fWWs4FMuEu00f6qtsNvhvrdbyfjsnmr_yxlwXc-zurdZvU38lZ3SCA7nlbHd8VAybT0EwI0EVx0qJfB3UvbY-iTDd0j8-Jfi1upTvQDQzFzG038VH96RpOJKbw0F_NtuxBwsDp5bgRBybEjpL89nHfSdjot2zbEynLn3j_r-J21xVwX-yhJ_twSFARzepAN2nU0yow-Rjm3sRhG_42lEbyFiv6hXec0Gay1FzyaZt0fNimZjjM8ETXYQlhDB8-I7_2AE0wCyhRgd595-FUKV23wGWsJUqqX3FBfMh-yxPyb3CTw9k4wxIKMrE-XnBlvCME9ST2rmZuDaRJzS3Zt8gbQrXqoKX1YCCOjMmpDpaS3kIX_0FMV7KrDFm3JxlEKVXims-0Xsd_wWtnYKZKgSLflOUT53wtI6seX231IxBFoP_-0hzSMLdbQ8eB8m1DZ8_FA74k1USAej6gA_HAERlPonQVXbWtdNJu7x3draPZKVogOMUZcJLQ9s0NuqxEXSvLnrsgdcvX8MS0z2EY6GL49HhRsZSSXDnsiwoNqPN5VIxdJlVyjt7TC0fBWFM-p0GuhdbtuQ5loLnp_7DlYt-CrgVLp3ePKK4-QvuyweuJGo9SW3xZaYIKP7gDUfEbDG-6vLnxFkfChsrkdxBMIZEg9SHyibf8vU9l__IxrA2myNLsSyGKgtuo2grt76I_4hvRj83ARtLwbyyFE5ePOqqbU1iqMjSIJykumd3C6oiim7AgnkT9Ld6ttF3YYuNtJHIUuS7Go4MUA5wPJTFW6oh-ZT4GGA-OXhkW-zZlSiV9MuvGqYGxKjAy8x4i5zArn4LTh75XnQetubKeav65mPq_OYKOBnhZndSaD1WQ3CObblHL-xpNG97J0Untuq9RupMvJftY4K6Ej1MoCqZ3-jMh2eta-_Iy_uvx7SupGNZxhuKtBqYFV0nQXmsTqaO_d07wLqQiwh-8AYyMPyZvGFWPGUTJO8F0ch4IbCK3ripwjtSqDEJnCziD6anxUD-6iTyGW-DVQSofbMvBRFdawVlBXbSJ_CyQ-awQWSJeDsxdNC76JlyRWnOXeSAsD4376Iq8glvVE9lQ2Be0t42gcXX58ci_5q7d6GIBvHS--WkTWaPdQ4wiS5pnzYD1nzFS_501Z56YsEdbDkkjEqs08SDAM_v-siTJObNbIMs3IMyAW6mPBkfVc4eyM_QKWv6POKv-96oPb8VY5D_oc6fr5hkImdup1z3Kn0RWDgIPsdRWeA8JmSR55YzU8QyQJdMXv0UyWvRznYe2ycgaUSBgwV2J78yTuFSNZ52nYLVmzv56RUX4Arm-30NpszCxl9wpQ_YUBU_G8keLh57Q1V36mColLwqN3WIU4wr5ZsycjWEoIRPZvksmHPD2CfYXhY9Nl_9_ODb97IG8cMKQrJFavonKDFLXzjclnnAfIEmvKDx3lVVBBSGR2q-M9ALO2TCIUHmXa0lrU3BgV8l6XohoaibICUT9lxDoigFT16Q6rLHK5OnlO3rmQJt56xLxRiksv8z632UlTnXeghAY6jVme1A23v-4hxUhOaKUHqSYtW4gQJaMUkBL_Y97wkjTpkzrVU47wPqt28GeM0cILHhHFQRvrNAxZDgMJ5N0hfmU7WhjdBoGvH9hpeWF7onTehLdoVqlwGSqrdg0UkK7fYMvAhxRkN5hHP7ilHM8lDd087WJlAxn1pBVB0UHvL-CPWl5h8tFWmAMg39kl08ZTPQF5gtcSftnk&cid=CAQSTgB7FLtqgkGEKRKV5pHgkVSP7j6ExQutS5mQSVlwK6fhuukwLLXSa2Fp8mA5MlN6Lk8BEin58wMih3jfztMCf6Hw0eVbZ_MSfGyoA0eOiRgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fwww.easysurf.cc%2F&ds=l&xdt=1&iif=1&cor=7872330915680320000&adk=3476589349&idt=348&cac=0&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9685259408a614f84199f8ea2390fa1559f3fee25f03c66e2b2173f22947ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&h=90&adk=1055023138&adf=2653041513&w=728&lmt=1703960508&ad_type=text_image&format=728x90_as&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163328&bpp=311&bdt=675&idt=681&shv=r20240319&mjsv=m202403180101&ptt=5&saldr=sd&abxe=1&correlator=805795834212&frm=20&pv=2&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=695
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40998
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1976935/78579772/ Frame AB7D 59 KB
14 KB 429ms
96ms Script
application/javascript 44.205.158.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1976935/78579772/skeleton.js?bundleId=${BUNDLE_ID}&bidurl=https://www.easysurf.cc/ndate6.htm
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq7yFxhkC7RHfSkc_nPhOB9H91XjGiy7IMZJFbXzgE9VAdoqaj04952_KzNpNAUJ4IzkurhzRtPT40OnjXZv5xQPs-ZX2G8hv54jXwgLh9bDe2S1AnIFhx-5Y0R4TJQhVM-S94dM96AELRMHsK0JAE1rE8NLn_Nm7wEyai-Zy99Rvuw-bGCm99isvf-83_qYbobBYR0FdJQPxdIYaLLGkjdL7hKw&dbm_d=AKAmf-Cx0vEOmxfK2_kAHRvxSFgIp1xSv1WU_E6hkMD2KnJd6Zon0Shhmvt0fh8AW5jP8O7TlTmfsZFuEbPfuXtzkpPJRqdGllMznz8OP__Y_qwVLBGZD_DTxQ-QoPI3uzb9nUcw84j98dBqO7tAH0vgwiFUA4LukYCOFyKYQujuFXEFOX9EhSRrLU3tGBGI7LBsyWfsb6K7lFeiWSXGxk156Kps9cBC6dgfI4I53ZzKoxLu1fxA0MPcd-sX1GxoN57TOuSYVI8-F2E4t4ZJzg8MddoMyglHaPFcIDp5lGwZP5SLc64oyOnH1cEuQjz-_NHT45i0T8giGF1BQEMu7mTh2FCfQ22L19HHMEUOR_JXn9Mep8-bSjsMK5w_3YYgn65qohFcXU_Xj1cIfjmTx-n-bohaTi_3Nx1bW7oPm8NZbGeqq8nOBiWFaDIHfn5cRtZMyTt0cHdeaUId8JxZxi-iugOPtNo3Fsf4PzEsXiRHFx46ZAmAjhDkCpd1w7qw0ZEBWwBUG4PAnSijZ93y9cXUiKCkSIPzlpTxn0Pb6dP_Hsoz-IKlfnb6t_o2--ZnDU1H4ZIT7tM0ibcTF6lnZgpax23HhQP57Z6Xvwisx79Ch-Q6UgEYqSlHfUNH-OpcR6RtUmz_mtE35JVajtQhwDNZoRaY1MrHSJeuK0nfa3WZpsCzeTJ-2jPO_oy8JADBpVLwZ0G0mI_MPPcQ1LPkLfHE3dzvQ5lP1voAy_TXMqauDHd_eqmol-efmBUUf8LcQGTgQtXlS1ZTw3HvmZVSFOws3rirMf_vW3FwSdjlsz0OnBXtzKkUOFOCjLGIL2XWg7LE5ulgo900YdVVMT5Fw8kXfkWI9ytsNbvEvo1YXmAKl-Yghczd-KAVBbqXSoxAaadCLKnpL96UbjFoGubh4T3kUV04TkGH2HFaNx4FFMtX-QqOYXxixDWlEwiSDl5AxdJhENW_PyeDBwZeJ37ymgVz5ZaBzl8sPen8fBoV3Xmjs-bcGCaZmcMHIb-1L6HXazhHo21-rCpRX7P26g6DMcwYWofwNmPRGiDxoACMqWZNLUXCJBbiVezYrgvEB8H6hVcetGkUQMito8oZMnXjnsyqAHYimM8Zusi7n0uSHM67UAoyR1rHX-jytNAIpTanKjcaSWlnv9igwZiTwEum626NPl4PDK6ei_WcC2_b6FmhNJ7V2cQ99wK8QMde3iNZ7_CnXsznm5Eb9L9Fem40FV9JEkh7I4lBEezR0foRwSWuebPlfXAiYslywcpBfp5BmPzOkV93gJyA9JcO2xdAA2xSlt-f3bo0YsDmWFII6jx_DtD4YwmSCQciMvILu06HRTU80tB4KIZp8vef9CIeysFmYe84a2Imz_3pkLIPQzHlJbuyQoQbzGv-_OxYLZ8WcSatKMsmJmh-zcROLeNsYyGYs0u0p-dm_wixecd9TTFI6Zq7FJ0PBx2iJQV0sj749J-ZOaDf3yv0dIcEHNPFV2FXTLyrXWhDv5A0_pIbXcq-k52zMpnU6I_z7fCnW11nI6SWzWmeBcWKY3crbyHwPLyQXYYelvK-QAg4-eyEfAtKepab-6K9GRzmztG4_l2sGIXRBmselD6jJEUVtZnTfiY4Yoc_KbDmrJrUvF0IyPnG51Oi3do_NK0KnO8v2dZ3nUdVZTzV4iFZ8TJsJHbespsmaW9JqPph7IX5UMQzWqLLslI2kzFYCp4KFeo7-u3nDqWPQALwszuOsk_WqidMj-tasmA4_xzr3HiAcgAUetLpX8e9AM5wPHZGAk6kHp8P4sHIA5sCJlPfsdsg2pZ-jdZ-E7o1fWWs4FMuEu00f6qtsNvhvrdbyfjsnmr_yxlwXc-zurdZvU38lZ3SCA7nlbHd8VAybT0EwI0EVx0qJfB3UvbY-iTDd0j8-Jfi1upTvQDQzFzG038VH96RpOJKbw0F_NtuxBwsDp5bgRBybEjpL89nHfSdjot2zbEynLn3j_r-J21xVwX-yhJ_twSFARzepAN2nU0yow-Rjm3sRhG_42lEbyFiv6hXec0Gay1FzyaZt0fNimZjjM8ETXYQlhDB8-I7_2AE0wCyhRgd595-FUKV23wGWsJUqqX3FBfMh-yxPyb3CTw9k4wxIKMrE-XnBlvCME9ST2rmZuDaRJzS3Zt8gbQrXqoKX1YCCOjMmpDpaS3kIX_0FMV7KrDFm3JxlEKVXims-0Xsd_wWtnYKZKgSLflOUT53wtI6seX231IxBFoP_-0hzSMLdbQ8eB8m1DZ8_FA74k1USAej6gA_HAERlPonQVXbWtdNJu7x3draPZKVogOMUZcJLQ9s0NuqxEXSvLnrsgdcvX8MS0z2EY6GL49HhRsZSSXDnsiwoNqPN5VIxdJlVyjt7TC0fBWFM-p0GuhdbtuQ5loLnp_7DlYt-CrgVLp3ePKK4-QvuyweuJGo9SW3xZaYIKP7gDUfEbDG-6vLnxFkfChsrkdxBMIZEg9SHyibf8vU9l__IxrA2myNLsSyGKgtuo2grt76I_4hvRj83ARtLwbyyFE5ePOqqbU1iqMjSIJykumd3C6oiim7AgnkT9Ld6ttF3YYuNtJHIUuS7Go4MUA5wPJTFW6oh-ZT4GGA-OXhkW-zZlSiV9MuvGqYGxKjAy8x4i5zArn4LTh75XnQetubKeav65mPq_OYKOBnhZndSaD1WQ3CObblHL-xpNG97J0Untuq9RupMvJftY4K6Ej1MoCqZ3-jMh2eta-_Iy_uvx7SupGNZxhuKtBqYFV0nQXmsTqaO_d07wLqQiwh-8AYyMPyZvGFWPGUTJO8F0ch4IbCK3ripwjtSqDEJnCziD6anxUD-6iTyGW-DVQSofbMvBRFdawVlBXbSJ_CyQ-awQWSJeDsxdNC76JlyRWnOXeSAsD4376Iq8glvVE9lQ2Be0t42gcXX58ci_5q7d6GIBvHS--WkTWaPdQ4wiS5pnzYD1nzFS_501Z56YsEdbDkkjEqs08SDAM_v-siTJObNbIMs3IMyAW6mPBkfVc4eyM_QKWv6POKv-96oPb8VY5D_oc6fr5hkImdup1z3Kn0RWDgIPsdRWeA8JmSR55YzU8QyQJdMXv0UyWvRznYe2ycgaUSBgwV2J78yTuFSNZ52nYLVmzv56RUX4Arm-30NpszCxl9wpQ_YUBU_G8keLh57Q1V36mColLwqN3WIU4wr5ZsycjWEoIRPZvksmHPD2CfYXhY9Nl_9_ODb97IG8cMKQrJFavonKDFLXzjclnnAfIEmvKDx3lVVBBSGR2q-M9ALO2TCIUHmXa0lrU3BgV8l6XohoaibICUT9lxDoigFT16Q6rLHK5OnlO3rmQJt56xLxRiksv8z632UlTnXeghAY6jVme1A23v-4hxUhOaKUHqSYtW4gQJaMUkBL_Y97wkjTpkzrVU47wPqt28GeM0cILHhHFQRvrNAxZDgMJ5N0hfmU7WhjdBoGvH9hpeWF7onTehLdoVqlwGSqrdg0UkK7fYMvAhxRkN5hHP7ilHM8lDd087WJlAxn1pBVB0UHvL-CPWl5h8tFWmAMg39kl08ZTPQF5gtcSftnk&cid=CAQSTgB7FLtqgkGEKRKV5pHgkVSP7j6ExQutS5mQSVlwK6fhuukwLLXSa2Fp8mA5MlN6Lk8BEin58wMih3jfztMCf6Hw0eVbZ_MSfGyoA0eOiRgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fwww.easysurf.cc%2F&ds=l&xdt=1&iif=1&cor=7872330915680320000&adk=3476589349&idt=348&cac=0&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.158.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-158-91.compute-1.amazonaws.com
Software: /
Resource Hash: 33c8c7ab8e5017018991cd339d34c578c396fcb672dc3bfb6a94065c740546ca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame AB7D 31 KB
11 KB 117ms
116ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq7yFxhkC7RHfSkc_nPhOB9H91XjGiy7IMZJFbXzgE9VAdoqaj04952_KzNpNAUJ4IzkurhzRtPT40OnjXZv5xQPs-ZX2G8hv54jXwgLh9bDe2S1AnIFhx-5Y0R4TJQhVM-S94dM96AELRMHsK0JAE1rE8NLn_Nm7wEyai-Zy99Rvuw-bGCm99isvf-83_qYbobBYR0FdJQPxdIYaLLGkjdL7hKw&dbm_d=AKAmf-Cx0vEOmxfK2_kAHRvxSFgIp1xSv1WU_E6hkMD2KnJd6Zon0Shhmvt0fh8AW5jP8O7TlTmfsZFuEbPfuXtzkpPJRqdGllMznz8OP__Y_qwVLBGZD_DTxQ-QoPI3uzb9nUcw84j98dBqO7tAH0vgwiFUA4LukYCOFyKYQujuFXEFOX9EhSRrLU3tGBGI7LBsyWfsb6K7lFeiWSXGxk156Kps9cBC6dgfI4I53ZzKoxLu1fxA0MPcd-sX1GxoN57TOuSYVI8-F2E4t4ZJzg8MddoMyglHaPFcIDp5lGwZP5SLc64oyOnH1cEuQjz-_NHT45i0T8giGF1BQEMu7mTh2FCfQ22L19HHMEUOR_JXn9Mep8-bSjsMK5w_3YYgn65qohFcXU_Xj1cIfjmTx-n-bohaTi_3Nx1bW7oPm8NZbGeqq8nOBiWFaDIHfn5cRtZMyTt0cHdeaUId8JxZxi-iugOPtNo3Fsf4PzEsXiRHFx46ZAmAjhDkCpd1w7qw0ZEBWwBUG4PAnSijZ93y9cXUiKCkSIPzlpTxn0Pb6dP_Hsoz-IKlfnb6t_o2--ZnDU1H4ZIT7tM0ibcTF6lnZgpax23HhQP57Z6Xvwisx79Ch-Q6UgEYqSlHfUNH-OpcR6RtUmz_mtE35JVajtQhwDNZoRaY1MrHSJeuK0nfa3WZpsCzeTJ-2jPO_oy8JADBpVLwZ0G0mI_MPPcQ1LPkLfHE3dzvQ5lP1voAy_TXMqauDHd_eqmol-efmBUUf8LcQGTgQtXlS1ZTw3HvmZVSFOws3rirMf_vW3FwSdjlsz0OnBXtzKkUOFOCjLGIL2XWg7LE5ulgo900YdVVMT5Fw8kXfkWI9ytsNbvEvo1YXmAKl-Yghczd-KAVBbqXSoxAaadCLKnpL96UbjFoGubh4T3kUV04TkGH2HFaNx4FFMtX-QqOYXxixDWlEwiSDl5AxdJhENW_PyeDBwZeJ37ymgVz5ZaBzl8sPen8fBoV3Xmjs-bcGCaZmcMHIb-1L6HXazhHo21-rCpRX7P26g6DMcwYWofwNmPRGiDxoACMqWZNLUXCJBbiVezYrgvEB8H6hVcetGkUQMito8oZMnXjnsyqAHYimM8Zusi7n0uSHM67UAoyR1rHX-jytNAIpTanKjcaSWlnv9igwZiTwEum626NPl4PDK6ei_WcC2_b6FmhNJ7V2cQ99wK8QMde3iNZ7_CnXsznm5Eb9L9Fem40FV9JEkh7I4lBEezR0foRwSWuebPlfXAiYslywcpBfp5BmPzOkV93gJyA9JcO2xdAA2xSlt-f3bo0YsDmWFII6jx_DtD4YwmSCQciMvILu06HRTU80tB4KIZp8vef9CIeysFmYe84a2Imz_3pkLIPQzHlJbuyQoQbzGv-_OxYLZ8WcSatKMsmJmh-zcROLeNsYyGYs0u0p-dm_wixecd9TTFI6Zq7FJ0PBx2iJQV0sj749J-ZOaDf3yv0dIcEHNPFV2FXTLyrXWhDv5A0_pIbXcq-k52zMpnU6I_z7fCnW11nI6SWzWmeBcWKY3crbyHwPLyQXYYelvK-QAg4-eyEfAtKepab-6K9GRzmztG4_l2sGIXRBmselD6jJEUVtZnTfiY4Yoc_KbDmrJrUvF0IyPnG51Oi3do_NK0KnO8v2dZ3nUdVZTzV4iFZ8TJsJHbespsmaW9JqPph7IX5UMQzWqLLslI2kzFYCp4KFeo7-u3nDqWPQALwszuOsk_WqidMj-tasmA4_xzr3HiAcgAUetLpX8e9AM5wPHZGAk6kHp8P4sHIA5sCJlPfsdsg2pZ-jdZ-E7o1fWWs4FMuEu00f6qtsNvhvrdbyfjsnmr_yxlwXc-zurdZvU38lZ3SCA7nlbHd8VAybT0EwI0EVx0qJfB3UvbY-iTDd0j8-Jfi1upTvQDQzFzG038VH96RpOJKbw0F_NtuxBwsDp5bgRBybEjpL89nHfSdjot2zbEynLn3j_r-J21xVwX-yhJ_twSFARzepAN2nU0yow-Rjm3sRhG_42lEbyFiv6hXec0Gay1FzyaZt0fNimZjjM8ETXYQlhDB8-I7_2AE0wCyhRgd595-FUKV23wGWsJUqqX3FBfMh-yxPyb3CTw9k4wxIKMrE-XnBlvCME9ST2rmZuDaRJzS3Zt8gbQrXqoKX1YCCOjMmpDpaS3kIX_0FMV7KrDFm3JxlEKVXims-0Xsd_wWtnYKZKgSLflOUT53wtI6seX231IxBFoP_-0hzSMLdbQ8eB8m1DZ8_FA74k1USAej6gA_HAERlPonQVXbWtdNJu7x3draPZKVogOMUZcJLQ9s0NuqxEXSvLnrsgdcvX8MS0z2EY6GL49HhRsZSSXDnsiwoNqPN5VIxdJlVyjt7TC0fBWFM-p0GuhdbtuQ5loLnp_7DlYt-CrgVLp3ePKK4-QvuyweuJGo9SW3xZaYIKP7gDUfEbDG-6vLnxFkfChsrkdxBMIZEg9SHyibf8vU9l__IxrA2myNLsSyGKgtuo2grt76I_4hvRj83ARtLwbyyFE5ePOqqbU1iqMjSIJykumd3C6oiim7AgnkT9Ld6ttF3YYuNtJHIUuS7Go4MUA5wPJTFW6oh-ZT4GGA-OXhkW-zZlSiV9MuvGqYGxKjAy8x4i5zArn4LTh75XnQetubKeav65mPq_OYKOBnhZndSaD1WQ3CObblHL-xpNG97J0Untuq9RupMvJftY4K6Ej1MoCqZ3-jMh2eta-_Iy_uvx7SupGNZxhuKtBqYFV0nQXmsTqaO_d07wLqQiwh-8AYyMPyZvGFWPGUTJO8F0ch4IbCK3ripwjtSqDEJnCziD6anxUD-6iTyGW-DVQSofbMvBRFdawVlBXbSJ_CyQ-awQWSJeDsxdNC76JlyRWnOXeSAsD4376Iq8glvVE9lQ2Be0t42gcXX58ci_5q7d6GIBvHS--WkTWaPdQ4wiS5pnzYD1nzFS_501Z56YsEdbDkkjEqs08SDAM_v-siTJObNbIMs3IMyAW6mPBkfVc4eyM_QKWv6POKv-96oPb8VY5D_oc6fr5hkImdup1z3Kn0RWDgIPsdRWeA8JmSR55YzU8QyQJdMXv0UyWvRznYe2ycgaUSBgwV2J78yTuFSNZ52nYLVmzv56RUX4Arm-30NpszCxl9wpQ_YUBU_G8keLh57Q1V36mColLwqN3WIU4wr5ZsycjWEoIRPZvksmHPD2CfYXhY9Nl_9_ODb97IG8cMKQrJFavonKDFLXzjclnnAfIEmvKDx3lVVBBSGR2q-M9ALO2TCIUHmXa0lrU3BgV8l6XohoaibICUT9lxDoigFT16Q6rLHK5OnlO3rmQJt56xLxRiksv8z632UlTnXeghAY6jVme1A23v-4hxUhOaKUHqSYtW4gQJaMUkBL_Y97wkjTpkzrVU47wPqt28GeM0cILHhHFQRvrNAxZDgMJ5N0hfmU7WhjdBoGvH9hpeWF7onTehLdoVqlwGSqrdg0UkK7fYMvAhxRkN5hHP7ilHM8lDd087WJlAxn1pBVB0UHvL-CPWl5h8tFWmAMg39kl08ZTPQF5gtcSftnk&cid=CAQSTgB7FLtqgkGEKRKV5pHgkVSP7j6ExQutS5mQSVlwK6fhuukwLLXSa2Fp8mA5MlN6Lk8BEin58wMih3jfztMCf6Hw0eVbZ_MSfGyoA0eOiRgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fwww.easysurf.cc%2F&ds=l&xdt=1&iif=1&cor=7872330915680320000&adk=3476589349&idt=348&cac=0&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11694
x-xss-protection: 0
server: cafe
etag: 7675425396172501416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 02:01:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame AB7D 12 KB
4 KB 118ms
118ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:04:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB7D 0
0 535ms
239ms Fetch
image/gif 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCLZ6Fi5xdpCkRXDkAO5SqV3XerccWGSU8oRxBZMVxRJlDPFEAsbzNFBzYSJ_vmQ5cNI-loPP0e-qki2ERsFOVSFNK-b89fGNOcVgHgAY4IxqCbhqIzcA-ehhBknhZAniItimBdLtDJ70fNIP-FMsPmy_rmrJgWBR3jLozunDpXqAfTRdZpRGMKiQDCNJTsnla12FTxRMKnkYyFQgV3D8DBRLQGG6h5KA89cws0Fpay-nAvlxeeDBd5WlTf0fg0Q3p1DZkg5mKgfNDjE9Gvq9ug6GwUc847WS37r3Tc1Fcbie-ljfRsN76wAVonyhSRx6lRtf5nN4OnqZMBRj9-fEksUVLHoJcoAUfh68Tqb718Pv57cVHiaMbw41N_BX7NMMqZtY21KI7lMsLm9k7QdJsObOfo3tvG8n4t1zx2z2ozfjf5tq0-h5JWmUgkUVLvZJfoiDg3MKoMhACu-DvAOc6RzqgRWRlhCuDpb_ZyMBQMetrRfU_2cvEGzcMjOXHeK1G7NbuWhGCfSyPsbrmpvvTWHXwMDrI7vhYYHlbDYnf25YIf3F1OJvSOcGRZAUqmw6HSauVjk93DTpRNYIe16zhZxagbvjRQgIbrkzgh7CawdtSAlPToPYZUSN34n7faNuSj5CB_fLPnNqu9S_JcGmBx1zv77vawIKFUlUpgE9QiaOcLuFfz6XYNnZ6-FqWMinc8ZD_OAy5pVpzqHtVAesUKrFi8QOYGsCT5dm_B7MhgUTel-FN6t72lCHAZStGShTaGepwMz3fo6e5jqM-FkWOKUfgpRMhOzWZanyU4nhxJ8nq0O21yZnxJNIVw1PLreCEONjMqA7TERPtS3TcDLMwaJvo45wWa3MmTa6wF4T3uONf_gY1z5Kkia0mndK9bN9dmx_44Wou2l7jh37sbnGtH3u66nUm5lEd4am7kXc-1iO9v8XZfEDHjjxRpTWfvn68MFVXxvWd3gCpSRpviJQrLbmJEm27TdUY5Zos1YgAsCn7lfqIg2iqVK8P1h5PuaDp4_7peuYD5VQuOMTkvsD70b4dK4f8aEgZuVz89OAnmNKrsqqB-j2vt4sfzSwfuTPQfD6F2l70JoUReA7m3mmlQtEvhhpmb0GGyjZdwmigM9XhEkx7IjGMzMX5jP98MwGdI8Igs2aKUD_unu30OXnbypdFt3jGeRWgI4mbstZKshI9jgbBmpDxJEwMvo43D1Nz0_w89rj_dbpZb5LNw4QsguwMlrPgu0leDTH65gbF42fd7bJs14Hdcydy4yIjg7kkwTAFwCMpp5vdRxltcC7TcBXyAHIggmFP2E9yb4e-SxBvjM61B4dOFRW_psqxCCyVRJrkoyCp9OyjT4up9XAB5S_pbxtNTaYdiYP5ebtoayEcVNrB0jS_QYrmGdcz3u9ahfyvXYrM5WaTOqvjPaqwpWKKtA&sai=AMfl-YQ4bsv-odBCm3s-wlBXAX4jCBu3h5Llnjec-Gs9HBZ2FXxwoAeSY3PG9rKfqz7EHOikHp4eASxf48P_int45D8KYdnudraWn0cFpIJ0hXMS4g6kdJ29BXu4HuvOOMUDgsk97iiLRI0tViErACDLZoi5EfCYSsx8oCskV97JXqYf2F-Ch5ZNY7pBEustv3YNj12cdiy6j48_ZDLV5coHbZfw70ezpgLf6zNdEkdW3X6WYSM9iNwX8Csc0sd9JQWyF6W0Fc9vVchsEHvN_QfvidE7Q9HzQkqw4VnrDgdwKA49UKVr0BqLVxIqa2xnF5bT&sig=Cg0ArKJSzFAcrlkeFfjOEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240319.62626&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 18:02:46 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:02:46 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AB7D 41 KB
14 KB 120ms
119ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 18:35:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Mar 2025 18:35:32 GMT

GET
H2 200 3944842886781686343
s0.2mdn.net/simgad/ Frame AB7D 13 KB
14 KB 543ms
140ms Image
image/png 2607:f8b0:4004:c06::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3944842886781686343

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6088b3014d54229975c807d65f756e3cab296d8149a20b3d57ab99fee4041a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 01:48:48 GMT
date: Thu, 21 Mar 2024 01:48:48 GMT
x-content-type-options: nosniff
age: 58438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13597
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 07:39:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame AB7D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6cdb0da31312fcb9056520293677d761fec7a21eb9c43793f8233a5ee3c14ff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2463 38 KB
13 KB 140ms
140ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 318242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 01:38:43 GMT
expires: Tue, 18 Mar 2025 01:38:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2463 52 KB
20 KB 126ms
126ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20325
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 02:05:10 GMT

GET
H2 200 main.19.8.491.js Show response
static.adsafeprotected.com/ Frame AB7D 216 KB
67 KB 627ms
146ms Script
application/javascript 2600:9000:24f4:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.491.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1976935/78579772/skeleton.js?bundleId=${BUNDLE_ID}&bidurl=https://www.easysurf.cc/ndate6.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4a391b257a6995671b0815752fa0784d079bc7266d15e59bc7a76eebc8b46d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 21:17:54 GMT
x-amz-version-id: wHx9kGfMtHSCY3NFYeny6RZbFrO9IDhq
content-encoding: gzip
via: 1.1 4e2b60a8131e436f5ac38dc8a953edf4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 161092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Mar 2024 18:56:42 GMT
server: AmazonS3
etag: W/"3b6ff1d377956e23af5815888d2962f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: g714aWjdL9rL6V-iRhpZOkbd2IzAHGZElPA4pt9-pb1wHWVvezNlZA==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB7D 0
0 160ms
159ms Fetch
image/gif 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCLZ6Fi5xdpCkRXDkAO5SqV3XerccWGSU8oRxBZMVxRJlDPFEAsbzNFBzYSJ_vmQ5cNI-loPP0e-qki2ERsFOVSFNK-b89fGNOcVgHgAY4IxqCbhqIzcA-ehhBknhZAniItimBdLtDJ70fNIP-FMsPmy_rmrJgWBR3jLozunDpXqAfTRdZpRGMKiQDCNJTsnla12FTxRMKnkYyFQgV3D8DBRLQGG6h5KA89cws0Fpay-nAvlxeeDBd5WlTf0fg0Q3p1DZkg5mKgfNDjE9Gvq9ug6GwUc847WS37r3Tc1Fcbie-ljfRsN76wAVonyhSRx6lRtf5nN4OnqZMBRj9-fEksUVLHoJcoAUfh68Tqb718Pv57cVHiaMbw41N_BX7NMMqZtY21KI7lMsLm9k7QdJsObOfo3tvG8n4t1zx2z2ozfjf5tq0-h5JWmUgkUVLvZJfoiDg3MKoMhACu-DvAOc6RzqgRWRlhCuDpb_ZyMBQMetrRfU_2cvEGzcMjOXHeK1G7NbuWhGCfSyPsbrmpvvTWHXwMDrI7vhYYHlbDYnf25YIf3F1OJvSOcGRZAUqmw6HSauVjk93DTpRNYIe16zhZxagbvjRQgIbrkzgh7CawdtSAlPToPYZUSN34n7faNuSj5CB_fLPnNqu9S_JcGmBx1zv77vawIKFUlUpgE9QiaOcLuFfz6XYNnZ6-FqWMinc8ZD_OAy5pVpzqHtVAesUKrFi8QOYGsCT5dm_B7MhgUTel-FN6t72lCHAZStGShTaGepwMz3fo6e5jqM-FkWOKUfgpRMhOzWZanyU4nhxJ8nq0O21yZnxJNIVw1PLreCEONjMqA7TERPtS3TcDLMwaJvo45wWa3MmTa6wF4T3uONf_gY1z5Kkia0mndK9bN9dmx_44Wou2l7jh37sbnGtH3u66nUm5lEd4am7kXc-1iO9v8XZfEDHjjxRpTWfvn68MFVXxvWd3gCpSRpviJQrLbmJEm27TdUY5Zos1YgAsCn7lfqIg2iqVK8P1h5PuaDp4_7peuYD5VQuOMTkvsD70b4dK4f8aEgZuVz89OAnmNKrsqqB-j2vt4sfzSwfuTPQfD6F2l70JoUReA7m3mmlQtEvhhpmb0GGyjZdwmigM9XhEkx7IjGMzMX5jP98MwGdI8Igs2aKUD_unu30OXnbypdFt3jGeRWgI4mbstZKshI9jgbBmpDxJEwMvo43D1Nz0_w89rj_dbpZb5LNw4QsguwMlrPgu0leDTH65gbF42fd7bJs14Hdcydy4yIjg7kkwTAFwCMpp5vdRxltcC7TcBXyAHIggmFP2E9yb4e-SxBvjM61B4dOFRW_psqxCCyVRJrkoyCp9OyjT4up9XAB5S_pbxtNTaYdiYP5ebtoayEcVNrB0jS_QYrmGdcz3u9ahfyvXYrM5WaTOqvjPaqwpWKKtA&sai=AMfl-YQ4bsv-odBCm3s-wlBXAX4jCBu3h5Llnjec-Gs9HBZ2FXxwoAeSY3PG9rKfqz7EHOikHp4eASxf48P_int45D8KYdnudraWn0cFpIJ0hXMS4g6kdJ29BXu4HuvOOMUDgsk97iiLRI0tViErACDLZoi5EfCYSsx8oCskV97JXqYf2F-Ch5ZNY7pBEustv3YNj12cdiy6j48_ZDLV5coHbZfw70ezpgLf6zNdEkdW3X6WYSM9iNwX8Csc0sd9JQWyF6W0Fc9vVchsEHvN_QfvidE7Q9HzQkqw4VnrDgdwKA49UKVr0BqLVxIqa2xnF5bT&sig=Cg0ArKJSzFAcrlkeFfjOEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=557&vt=11&dtpt=555&dett=2&cstd=0&cisv=r20240319.62626&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 18:02:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2463 0
20 B 187ms
186ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6OTpRXb8ZZSVHs6foPwPzeexyAgAAAAAOAHgBAI&bg=!zM-lz4DNAAZewuCMfsI7ADQBe5WfOLxn530Y0ES08nLamabX4UkA8pXCQNn8CXBOKKHLxaz2QalsGQ8HbhJOHqgUCK8uAgAAAFdSAAAAA2gBB34ANaKvxW_ljRZ681OTmdO16ZawuuscEuyqzYJ2vxmMThMlChZ7xOnVs2XzBTHt7EDoUEYNO4OeCgA7d68zzeHVU5_YxhUH_u2z8sn10TJqzbP9cvOa2haQzZB7FFlPAxDQ1LJun4-K3EU560kvpyqIefb65miZAomduYmIBw4opCs3dE-zXuOlmWHB5yZN2zSL1HQerTEW3pEkrI_hjsZLkT1OTmHlW61A2UKG55mTPYuhfYhjWwOmNTg5XKtI9Fl9-edofrtx6FbP1I4bDgLS4dmLauYA1ti6Vo_1_xH3E9tNSkD8btvSJpcB_jYRw-velA2rLPhYT-nsdaAsItspoJ20CYFLodh_vsGGKDCcUQ7SghCbdNyBmLPkoXS835vLI9a22Onx1LayYi2geXBpH5zyVNLroselIWRtr6k3Zo7Fm7u6fSAolcw1G4pxcAkVythTVBTFklWOVakGKwLRI8VZysrmHsKiXPmgpoJCISD_zFLiL_Vt2SrHNWvA2y0Mb82cRbyxIZ5aKNU8k_I1HdbRwtdfIazsRPzLPN8QfB99LHGljj3Du-5YZ1kvDZsUz5EcCOMl5UHr-AQs6914Vo2GVMF9a-nsARzrAP-rEZnDaTQwXxFx_4EEQtpFqcdOznLnr6fozOrM6yEg3XH2tlvUm9XNcof62QKNuYk-PSQwBcnsEpMZOyPNY_ghQoOj5_wV6S3jzkk9faxCLS22sQqbNmmjAo_lwYMIi_d5nqpNNjb91qrwTTC3N5Hn9aRJakdbu2RqFohyPbGEvjJ6s517pGQy-4e8eQSoS8Hr3wapXkpYQHCRSoXz9vhkBymnlyaHM3YrOnzA0jjIkz4VHbBjgDQyZJ15GAdD-97mjwEFy_bIgM4QqEz59arDKEz6-fUa5lyApW3lGsermCX7h5rLTZ47yutXGCyxgGt1PiX9J31zAbc4Gd3uhbsYgoVKV6VmuTc5AZ5rA_WxVzOkwsg-ScOiPAXnUzTWRWg9-72LaXfQQFFOVyaJLlAiYrSY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 598ms
181ms XHR
application/json 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a8cb1e93048f836ef1631396f8c1f7e345635fd2d4e7e1224a456ec235164c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12312
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame AB7D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1976935/78579772/skeleton.js?bundleId=${BUNDLE_ID}&bidurl=https://www.easysurf.cc/ndate6.htm&adsafe_url=https%3A%2F%2Fwww.easysurf.cc&adsafe_type=y&adsafe_url=...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

116ms
116ms

Script
application/javascript

2600:9000:24f4:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:24f4:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 07:19:48 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 4e2b60a8131e436f5ac38dc8a953edf4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 30537780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: TjAe7mJQ04qk-EI9IhLd4wZICqR7ZcP9DpBzye-SQORImzGWxFlG1w==

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:46 GMT
server: nginx
x-server-name: app18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3954 91 KB
23 KB 122ms
121ms Script
application/javascript 2600:9000:24f4:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970496540640230&output=html&h=90&adk=1055023138&adf=2653041513&w=728&lmt=1703960508&ad_type=text_image&format=728x90_as&url=https%3A%2F%2Fwww.easysurf.cc%2Fndate6.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711044163328&bpp=311&bdt=675&idt=681&shv=r20240319&mjsv=m202403180101&ptt=5&saldr=sd&abxe=1&correlator=805795834212&frm=20&pv=2&ga_vid=300381148.1711044164&ga_sid=1711044164&ga_hid=1492391573&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081575%2C44795921%2C95326315%2C95320377%2C21065724&oid=2&pvsid=84261904384178&tmod=177070321&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e2b60a8131e436f5ac38dc8a953edf4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 30627092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fBVZ9LSFI6qvpDddq5OLB2CU7tSdKm-1AyHCpRWGXszSBlD0EWD99Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
216 B 695ms
200ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNCu,pingTime:-3,time:816,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:787%7D,%7Bpiv:100,vs:i,t:815%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:816,o:0,n:815,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:786,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:i,t:815,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:789%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
215 B 693ms
200ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNCv,pingTime:-6,time:817,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:817,o:0,n:815,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:786,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:i,t:815,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:789%7D&tpiLookup=ao:www.easysurf.cc*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
215 B 690ms
202ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNCB,pingTime:-2,time:823,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1636,bdZ:2082,beA:2084,beZ:2086,mfA:2843,cmA:2846,inA:2847,inZ:2855,prA:2855,prZ:2863,si:2872,poA:2874,poZ:2896,cmZ:2896,mfZ:2896,loA:2901,loZ:2903,ltA:2907,ltZ:2907,mdA:2087,mdZ:2820%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:787%7D,%7Bpiv:100,vs:i,t:815%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:823,o:0,n:815,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:786,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:i,t:815,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8~100%5D,as:%5B8~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:789,sinceFw:33,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
215 B 449ms
201ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNGs,time:1062,type:e,im:%7Bimprf:%7Bttecl:1485,ecd:246,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1062,o:0,n:815,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:786,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:i,t:815,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B247~100%5D,as:%5B247~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:789,sis:1037%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB7D 42 B
64 B 197ms
173ms Fetch
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjlJmv5Z9J7Npe3IkLT4VBjWp9wg6IeOqEf3wE71vrl9xtSMe611Ut39KdfjxOW7CB6amjsgecCmTCIFX--y1rUBEu63klUXL_ZVnV4ApEUxzyttW67Qa1DnzHZyoNYuqQrOFbxANcXTzmqU3UG6PhsbCP1rCtf2A&sai=AMfl-YTRkCVNK94v6oioI-7KDFPIiAbasNe8qpzPDZPycvrFQop8pfURjVR5tT3KelAusPZYDfu92LO_wl_nozCZHkeb4R61vw7T3aS19rTpFYchMCbD_HHQrLQ0P1vC5dgRTkfaoVRac_O21aRhXO-Z&sig=Cg0ArKJSzHaIT17FUSatEAE&cid=CAQSTgB7FLtqgkGEKRKV5pHgkVSP7j6ExQutS5mQSVlwK6fhuukwLLXSa2Fp8mA5MlN6Lk8BEin58wMih3jfztMCf6Hw0eVbZ_MSfGyoA0eOiRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1055023138&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=697696500&rst=1711044164026&rpt=2198&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
215 B 250ms
201ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNJG,pingTime:-10,time:1262,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0MjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjEyOCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1711044167372%7C%7Ca018484e6b71a848d8c2754272cd5c35%7C%7Cc2f0dae1be250666004502f5b1159da0%7C%7C26e935ae11600b41ef6df4b3badcfa11%7C%7Cd229da14b4d5cb5b9fe3cdcb8ff54694%7C%7Cd2a26e88789aa5ba726675c4a9304031%7C%7C87b35d2ae21742ef481c036d5a754042%7C%7C31e74e281ad39e6c8b52c9e2df229999%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 119ms
119ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.easysurf.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 18:02:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B578 13 KB
5 KB 117ms
117ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easysurf.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 161592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 21:09:35 GMT
expires: Wed, 19 Mar 2025 21:09:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame A886 0
0

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B578 40 KB
16 KB 117ms
117ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 02:08:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB7D 0
20 B 186ms
185ms Ping
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9325945269264&version=m202402290101&ct=76&x=1&cor=7872330915680320000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
215 B 116ms
116ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNSB,pingTime:1,time:1815,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:787%7D,%7Bpiv:100,vs:i,t:815%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1815,o:0,n:815,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:786,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:i,t:815,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:691,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:789,sis:1037%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:47 GMT
server: nginx
x-server-name: dt34.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB7D 43 B
215 B 170ms
170ms Image
image/gif 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1976935&asId=e3482acc-f022-00a5-570a-cabfd689e05c&tv=%7Bc:7AdNSB,pingTime:1,time:1815,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:787%7D,%7Bpiv:100,vs:i,t:815%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1816,o:0,n:815,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:786,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:i,t:815,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:691,fm:u7GeWOa+11*.1976935-78579772%7C111%7C112%7C12,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:789,sis:1037%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 18:02:48 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B578 0
10 B 117ms
116ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZVBL7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:02:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sm2.sitemeter.com
URL: http://sm2.sitemeter.com/js/counter.js?site=sm2easysurf

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 04:53:24	Name: IDE Value: AHWqTUkFFuBH1NkZIZ3H5jW3MalfAS8kI9MIwz_Vckc8bBCdnhj8H1NPfS_naRtZ
.doubleclick.net/	1970-01-20 23:36:36	Name: APC Value: AfxxVi4ebazKGCsRv3iZfKlFQZAVl0AbIFBXs23IKFKWA11lvhZnGg
.doubleclick.net/	1970-01-20 23:36:36	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 04:03:00	Name: CMID Value: Zfx2RdHM50kAAFVdAN2OhAAA
.casalemedia.com/	1970-01-20 21:27:00	Name: CMPS Value: 1382
.casalemedia.com/	1970-01-20 21:27:00	Name: CMPRO Value: 1382
.easysurf.cc/	1970-01-21 04:39:00	Name: __gads Value: ID=5e098e76dcb14590:T=1711044164:RT=1711044164:S=ALNI_MaXhx8BZyyCHbRA6FsBABdKiNq-Dw
.easysurf.cc/	1970-01-21 04:39:00	Name: __gpi Value: UID=00000dd46b85dd78:T=1711044164:RT=1711044164:S=ALNI_MZh5xh_G5CHWSQL1_pINb_EHCKzzw
.easysurf.cc/	1970-01-20 23:36:36	Name: __eoi Value: ID=35222630f0931cf7:T=1711044164:RT=1711044164:S=AA-AfjYqomyy1VU0C6BSUVIgaKqh
.adnxs.com/	1970-01-21 04:53:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:27:00	Name: XANDR_PANID Value: HdvIvU3aFuUgZzjOy-WKCYsKFLELodh-49vWPkRFtRRTecQ7S6TacKbTJZ5v6UVchTdQpgF4b2cHRV2TCYnUAOE79UcBPH6-fBjlFmWlTck.
.adnxs.com/	1970-01-20 21:27:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQtG:8Q!@wnfH8K6pQK`!5=E<L5?%M77P+b)fyGjlg>Q8h/C`78OTO2@<hz3S9gMIbpRzqF1`b`B[<v68
.adnxs.com/	1970-01-20 21:27:00	Name: uuid2 Value: 7570677218793248280

43 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Mixed Content: The page at 'https://www.easysurf.cc/ndate6.htm' was loaded over HTTPS, but requested an insecure element 'http://t1.extreme-dm.com/i.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Mixed Content: The page at 'https://www.easysurf.cc/ndate6.htm' was loaded over HTTPS, but requested an insecure element 'http://www.easy2surf.com/cgi-bin/dtcount.cgi'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.easysurf.cc/ndate6.htm Message: Mixed Content: The page at 'https://www.easysurf.cc/ndate6.htm' was loaded over HTTPS, but requested an insecure script 'http://sm2.sitemeter.com/js/counter.js?site=sm2easysurf'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.easysurf.cc/ndate6.htm(Line 799) Message: Mixed Content: The page at 'https://www.easysurf.cc/ndate6.htm' was loaded over HTTPS, but requested an insecure element 'http://t1.extreme-dm.com/i.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Mixed Content: The page at 'https://www.easysurf.cc/ndate6.htm' was loaded over HTTPS, but requested an insecure element 'http://e2.extreme-dm.com/s11.g?login=easysur2&jv=n&j=y&srw=1600&srb=24&l='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.easysurf.cc/ndate6.htm(Line 805) Message: Mixed Content: The page at 'https://www.easysurf.cc/ndate6.htm' was loaded over HTTPS, but requested an insecure element 'http://www.easy2surf.com/cgi-bin/dtcount.cgi'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.easysurf.cc/ndate6.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e2.extreme-dm.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
sm2.sitemeter.com
static.adsafeprotected.com
t1.extreme-dm.com
tpc.googlesyndication.com
www.easy2surf.com
www.easysurf.cc
www.google.com
sm2.sitemeter.com
www.google.com
104.18.36.155
142.251.16.156
142.251.179.156
18.208.5.78
2600:1f18:1aca:4282:b1d9:51b0:4ae9:31c2
2600:9000:24f4:1e00:8:48e:53c0:93a1
2602:fc8e:0:688e:150::214
2607:f8b0:4004:c06::94
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9b
44.205.158.91
66.226.154.44
68.67.160.114
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c8c7ab8e5017018991cd339d34c578c396fcb672dc3bfb6a94065c740546ca
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
470c7991b02c2431aa53c7849bc816d6b5683db59aea8f980ca5bff94bb6c6b5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0d826793d0af5801431687b6d47fb847da2c50ef0cc8226dbcf8b22dc6d501
52c450d4e740242b791944454e9f5ab64045d6f6fc45ad64701af185b0e84aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aadfd697417ac1e5e545943d8cb8ee9e8e9ed3fa9ed9b3f65bff9fb329dac01
60528ea72a21de82133d216689a4b8e75435f77cc02a1e6f48214f7f6142bd68
6088b3014d54229975c807d65f756e3cab296d8149a20b3d57ab99fee4041a6c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332
81c6726876739f9c6dcfcc8b69a291b310a94289034435a7a492ab1a2ece101c
8a8cb1e93048f836ef1631396f8c1f7e345635fd2d4e7e1224a456ec235164c3
8e49d476b18cc9d06d8fc96d75cc1f3ccca6bc8eb813ff4cc1b98fb82f870812
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
99ca266a121f3788c7a2e7fa63a080914662fb9841bcd9ff3761b4c688338973
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a086f4abc4c1cc607c89e868c7254223f80bef9b021b86b9ed3d2a7a69cc435b
a4a391b257a6995671b0815752fa0784d079bc7266d15e59bc7a76eebc8b46d0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6cdb0da31312fcb9056520293677d761fec7a21eb9c43793f8233a5ee3c14ff
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6e7a0c94280e04cf9d83f675dd46e3f69f368c9c921ffde6d5f5bd11e082701
d9685259408a614f84199f8ea2390fa1559f3fee25f03c66e2b2173f22947ae5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61e5cfecd440fd93c10638272eab4c88dddc70391d2d2e3d9aabda4728114a0

www.easysurf.cc Open in urlscan Pro 66.226.154.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

87 %HTTPS

50 %IPv6

11 Domains

17 Subdomains

15 IPs

3 Countries

683 kBTransfer

1758 kBSize

13 Cookies

1 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.easysurf.cc Open in urlscan Pro
66.226.154.44 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

87 %
HTTPS

50 %
IPv6

11
Domains

17
Subdomains

15
IPs

3
Countries

683 kB
Transfer

1758 kB
Size

13
Cookies

55 HTTP transactions
1 data transactions