urlscan.io logo urlscan.io
SecurityTrails logo

us.shofast.com Open in urlscan Pro
81.171.31.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sunsetthomasartgallery.com/
Effective URL: https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-2319...
Submission: On November 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main IP is 81.171.31.78, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is us.shofast.com. The Cisco Umbrella rank of the primary domain is 782139.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 10th 2022. Valid for: a year.
This is the only time us.shofast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2600:3c02::f0... 63949 (LINODE-AP...)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 81.171.31.78 60781 (LEASEWEB-...)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 8
2    2600:3c02::f03c:91ff:fee2:5b0f (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
www.sunsetthomasartgallery.com
1    2604:9e00:1:129::2:b2a (United States)

ASN27257 (WEBAIR-INTERNET, US)
click.expmdiadi.com
1    81.171.31.78 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
us.shofast.com
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t2.gstatic.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t3.gstatic.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
Apex Domain
Subdomains		 Transfer
5 google.com
www.google.com — Cisco Umbrella Rank: 10
106 KB
2 gstatic.com
t2.gstatic.com
t3.gstatic.com
2 KB
2 sunsetthomasartgallery.com
www.sunsetthomasartgallery.com
3 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 977
624 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 97
39 KB
1 shofast.com
us.shofast.com — Cisco Umbrella Rank: 782139
28 KB
1 expmdiadi.com
click.expmdiadi.com
266 B
10 7
Domain Requested by
5 www.google.com 2 redirects us.shofast.com
www.google.com
2 www.sunsetthomasartgallery.com www.sunsetthomasartgallery.com
1 partner.googleadservices.com www.google.com
1 t3.gstatic.com us.shofast.com
1 t2.gstatic.com us.shofast.com
1 www.googletagmanager.com us.shofast.com
1 us.shofast.com www.sunsetthomasartgallery.com
1 click.expmdiadi.com 1 redirects
10 8

This site contains links to these domains. Also see Links.

Domain
www.visymo.com
www.facebook.com
es-la.facebook.com
Subject Issuer Validity Valid
temposearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-05-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Frame ID: 8E5787D9E92E0539EC57BA8F61FEEDFA
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=2633530805&pcsa=false&adpage=1&channel=zmw_ch351&client=zapmeta-us-web&r=m&hl=en&terms=sunsetthomasartgallery.com&kw=sunsetthomasartgallery.com&adrep=0&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r6&nocache=1241669441412774&num=0&output=afd_ads&domain_name=us.shofast.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1669441412775&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=488417025&uio=-&cont=csa-related-1&jsid=csa&jsv=488417025&rurl=https%3A%2F%2Fus.shofast.com%2Fdsr%3Fq%3Dsunsetthomasartgallery.com%26asid%3Dzmw_ch351%26de%3Dc%26rac%3Dsunsetthomasartgallery.com%26sclid%3D0-23196%26gclid%3DqCpVY2wOCcE&referer=http%3A%2F%2Fwww.sunsetthomasartgallery.com%2F&adbw=master-1%3A660
Frame ID: DBE2B49ADE337EB7EB56695B7EE1F7C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sunsetthomasartgallery.com - Shofast

Page URL History Show full URLs

  1. http://www.sunsetthomasartgallery.com/ Page URL
  2. http://www.sunsetthomasartgallery.com/page/bouncy.php?&bpae=GbhGd6cmYk1%2Fj3NU5sLPJtutYABSG0%2Fjn%2BWed4k4JGchxcKP... Page URL
  3. http://click.expmdiadi.com/click?i=CclRgVLRtd0_0 HTTP 302
    https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgall... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

10
Requests

60 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

180 kB
Transfer

481 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sunsetthomasartgallery.com/ Page URL
  2. http://www.sunsetthomasartgallery.com/page/bouncy.php?&bpae=GbhGd6cmYk1%2Fj3NU5sLPJtutYABSG0%2Fjn%2BWed4k4JGchxcKPra127HW4rlMFpAX6A6bSmHjNaGcRUq834ZiKeqcnyKksIoippCMKCLx5lBHCehxKFJBQB3wXgGerNOg4nfxHNEXWUZj2l6Wb5PYoBQnUJoNYR4Cjn3zono3Bv0J7MTA2AeZPAyBM0iFKDsYuAWD5BLQKzGZ1UFz6llGI1Va%2BmEXGNgmhvNTKVSh96qDlcK7nDLAy%2FlUsSFOeQODmyciswYtdGsMbUT6bZG9PfGXjwP3%2Fb6ZFwLR5Ol7RO1zUmMPmQD1GMOzVQFZYnx2nDJlM46IfzAhTOQ6EBE%2FhmmU82cGTDjg%2BrdoqoHMcn2NHl6LGQqBXOrEbl4tUvlgGKeO%2BD9sQ1n%2B1eqSsyP%2BIegt%2F%2BmoJLAMnT%2FGtw8BaxmknlYfbBFKVnWwZ3Nk2&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://click.expmdiadi.com/click?i=CclRgVLRtd0_0 HTTP 302
    https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.google.com/s2/favicons?domain=www.facebook.com HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
Request Chain 6
  • https://www.google.com/s2/favicons?domain=es-la.facebook.com HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://es-la.facebook.com&size=16

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.sunsetthomasartgallery.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.sunsetthomasartgallery.com/
Protocol
HTTP/1.1
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 05:43:31 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Transfer-Encoding
chunked
X-Powered-By
PHP/5.5.38
bouncy.php
www.sunsetthomasartgallery.com/page/ 		670 B
949 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.sunsetthomasartgallery.com/page/bouncy.php?&bpae=GbhGd6cmYk1%2Fj3NU5sLPJtutYABSG0%2Fjn%2BWed4k4JGchxcKPra127HW4rlMFpAX6A6bSmHjNaGcRUq834ZiKeqcnyKksIoippCMKCLx5lBHCehxKFJBQB3wXgGerNOg4nfxHNEXWUZj2l6Wb5PYoBQnUJoNYR4Cjn3zono3Bv0J7MTA2AeZPAyBM0iFKDsYuAWD5BLQKzGZ1UFz6llGI1Va%2BmEXGNgmhvNTKVSh96qDlcK7nDLAy%2FlUsSFOeQODmyciswYtdGsMbUT6bZG9PfGXjwP3%2Fb6ZFwLR5Ol7RO1zUmMPmQD1GMOzVQFZYnx2nDJlM46IfzAhTOQ6EBE%2FhmmU82cGTDjg%2BrdoqoHMcn2NHl6LGQqBXOrEbl4tUvlgGKeO%2BD9sQ1n%2B1eqSsyP%2BIegt%2F%2BmoJLAMnT%2FGtw8BaxmknlYfbBFKVnWwZ3Nk2&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: www.sunsetthomasartgallery.com
URL: http://www.sunsetthomasartgallery.com/
Protocol
HTTP/1.1
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash

Request headers

Referer
http://www.sunsetthomasartgallery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 05:43:32 GMT
Keep-Alive
timeout=5, max=99
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Transfer-Encoding
chunked
X-Powered-By
PHP/5.5.38
Primary Request dsr
us.shofast.com/
Redirect Chain
  • http://click.expmdiadi.com/click?i=CclRgVLRtd0_0
  • https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
88 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Requested by
Host: www.sunsetthomasartgallery.com
URL: http://www.sunsetthomasartgallery.com/page/bouncy.php?&bpae=GbhGd6cmYk1%2Fj3NU5sLPJtutYABSG0%2Fjn%2BWed4k4JGchxcKPra127HW4rlMFpAX6A6bSmHjNaGcRUq834ZiKeqcnyKksIoippCMKCLx5lBHCehxKFJBQB3wXgGerNOg4nfxHNEXWUZj2l6Wb5PYoBQnUJoNYR4Cjn3zono3Bv0J7MTA2AeZPAyBM0iFKDsYuAWD5BLQKzGZ1UFz6llGI1Va%2BmEXGNgmhvNTKVSh96qDlcK7nDLAy%2FlUsSFOeQODmyciswYtdGsMbUT6bZG9PfGXjwP3%2Fb6ZFwLR5Ol7RO1zUmMPmQD1GMOzVQFZYnx2nDJlM46IfzAhTOQ6EBE%2FhmmU82cGTDjg%2BrdoqoHMcn2NHl6LGQqBXOrEbl4tUvlgGKeO%2BD9sQ1n%2B1eqSsyP%2BIegt%2F%2BmoJLAMnT%2FGtw8BaxmknlYfbBFKVnWwZ3Nk2&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.171.31.78 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
aab725c9d533908eba1a0dc0dc6d9a1179dd5ade9f57e587778c765ac197cc03
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
http://www.sunsetthomasartgallery.com/page/bouncy.php?&bpae=GbhGd6cmYk1%2Fj3NU5sLPJtutYABSG0%2Fjn%2BWed4k4JGchxcKPra127HW4rlMFpAX6A6bSmHjNaGcRUq834ZiKeqcnyKksIoippCMKCLx5lBHCehxKFJBQB3wXgGerNOg4nfxHNEXWUZj2l6Wb5PYoBQnUJoNYR4Cjn3zono3Bv0J7MTA2AeZPAyBM0iFKDsYuAWD5BLQKzGZ1UFz6llGI1Va%2BmEXGNgmhvNTKVSh96qDlcK7nDLAy%2FlUsSFOeQODmyciswYtdGsMbUT6bZG9PfGXjwP3%2Fb6ZFwLR5Ol7RO1zUmMPmQD1GMOzVQFZYnx2nDJlM46IfzAhTOQ6EBE%2FhmmU82cGTDjg%2BrdoqoHMcn2NHl6LGQqBXOrEbl4tUvlgGKeO%2BD9sQ1n%2B1eqSsyP%2BIegt%2F%2BmoJLAMnT%2FGtw8BaxmknlYfbBFKVnWwZ3Nk2&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-transform, private
Content-Security-Policy
frame-ancestors 'none'
X-Frame-Options
DENY
accept-ranges
bytes
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 05:43:32 GMT
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Pragma
no-cache
ads.js
www.google.com/adsense/search/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: us.shofast.com
URL: https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d23f8bb0ecfbeed5e3f0c3d34a6b3de3979f80d065f615dda4e41c7ffa3b68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us.shofast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 05:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"607522604124001143"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 26 Nov 2022 05:43:32 GMT
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRCSBD3
Requested by
Host: us.shofast.com
URL: https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2b03a7ef359fb63b08a4bcc0e182e719feacbfc6f303904690aa64f5f4b980e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us.shofast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 05:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39565
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Nov 2022 05:43:32 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a401f61e7641564d421148a4a83aca98f91df4acee509a546d712b5551c7e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain=www.facebook.com
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
404 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
Requested by
Host: us.shofast.com
URL: https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Protocol
H2
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 12:02:39 GMT
x-content-type-options
nosniff
age
409253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 14:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
expires
Mon, 28 Nov 2022 12:02:39 GMT

Redirect headers

date
Sat, 26 Nov 2022 05:43:13 GMT
x-content-type-options
nosniff
server
sffe
age
19
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
336
x-xss-protection
0
expires
Sat, 26 Nov 2022 06:13:13 GMT
faviconV2
t3.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain=es-la.facebook.com
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://es-la.facebook.com&size=16
404 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://es-la.facebook.com&size=16
Requested by
Host: us.shofast.com
URL: https://us.shofast.com/dsr?q=sunsetthomasartgallery.com&asid=zmw_ch351&de=c&rac=sunsetthomasartgallery.com&sclid=0-23196&gclid=qCpVY2wOCcE
Protocol
H2
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 05:19:01 GMT
x-content-type-options
nosniff
age
433471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 14:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
expires
Mon, 28 Nov 2022 05:19:01 GMT

Redirect headers

date
Sat, 26 Nov 2022 05:43:32 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://es-la.facebook.com&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
338
x-xss-protection
0
expires
Sat, 26 Nov 2022 06:13:32 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86f40b171cb27f57c6c3826d6db2c662a1167325c300c819f02f6d652f2ee45

Request headers

Referer
Origin
https://us.shofast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
application/octet-stream
cookie.js
partner.googleadservices.com/gampad/ 		188 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=us.shofast.com&client=zapmeta-us-web&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfde21c0fb568a36373d6231eaeb1fd9b1e54ca6b1fb5c65f6b7abc62212090c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us.shofast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 05:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
180
x-xss-protection
0
ads
www.google.com/afs/ Frame DBE2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=2633530805&pcsa=false&adpage=1&channel=zmw_ch351&client=zapmeta-us-web&r=m&hl=en&terms=sunsetthomasartgallery.com&kw=sunsetthomasartgallery.com&adrep=0&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r6&nocache=1241669441412774&num=0&output=afd_ads&domain_name=us.shofast.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1669441412775&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=488417025&uio=-&cont=csa-related-1&jsid=csa&jsv=488417025&rurl=https%3A%2F%2Fus.shofast.com%2Fdsr%3Fq%3Dsunsetthomasartgallery.com%26asid%3Dzmw_ch351%26de%3Dc%26rac%3Dsunsetthomasartgallery.com%26sclid%3D0-23196%26gclid%3DqCpVY2wOCcE&referer=http%3A%2F%2Fwww.sunsetthomasartgallery.com%2F&adbw=master-1%3A660
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
f041b29131cbc98c9d58189b2df66c80c9e4bda24a652f03dfa399f2af38fdb2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us.shofast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
1646
content-type
text/html; charset=UTF-8
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="gws"
date
Sat, 26 Nov 2022 05:43:32 GMT
expires
Sat, 26 Nov 2022 05:43:32 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
ads.js
www.google.com/adsense/search/ Frame DBE2 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=2633530805&pcsa=false&adpage=1&channel=zmw_ch351&client=zapmeta-us-web&r=m&hl=en&terms=sunsetthomasartgallery.com&kw=sunsetthomasartgallery.com&adrep=0&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r6&nocache=1241669441412774&num=0&output=afd_ads&domain_name=us.shofast.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1669441412775&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=488417025&uio=-&cont=csa-related-1&jsid=csa&jsv=488417025&rurl=https%3A%2F%2Fus.shofast.com%2Fdsr%3Fq%3Dsunsetthomasartgallery.com%26asid%3Dzmw_ch351%26de%3Dc%26rac%3Dsunsetthomasartgallery.com%26sclid%3D0-23196%26gclid%3DqCpVY2wOCcE&referer=http%3A%2F%2Fwww.sunsetthomasartgallery.com%2F&adbw=master-1%3A660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e2ad1fc5a1fa7424689a07c67afec6862c9f70927144dc9e4ed158757a72219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 05:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"14813825576229042076"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 26 Nov 2022 05:43:32 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| appBrand object| appMenu string| appPersistentPathQueryString string| appPersistentPathQueryStringWithoutQuery object| appReady object| appCcc object| appSettings object| appVariant number| appTime function| persistentPath function| persistentPathWithoutQuery function| logError function| DelayedContainer object| delayedContainer function| _googCsa function| GoogleAds function| gAdsScriptLoaded function| gAdsResponse function| gAdUnitLoaded function| gAdUnitRender function| gRelatedUnitLoaded function| gRelatedUnitRender function| getGUnitLoadedCallback object| googleAds object| dataLayer string| cookieDomain string| pageview_id string| vid function| HttpRequest function| StatisticsResult function| StatisticsLog function| BaseStatisticsResult function| AdditionalStatisticsResult function| Autofocus function| Beacon function| Overlay function| OverlayMenu object| overlayMenu function| MoreMenu object| CookieHelper function| SearchHistory object| searchHistory function| AutoSuggest function| ClearInputOption undefined| callback object| Helper object| ClassList object| KeyCode object| MediaQuery object| Translation object| baseStatisticsResult object| additionalStatisticsResult object| statisticsLog object| cookieConsentOptions number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| google_tag_manager

1 Cookies

Domain/Path Name / Value
.shofast.com/ Name: __gsas
Value: ID=dd6c6e96adae6b7a:T=1669441412:S=ALNI_MaEJdyZb-4gUNHN5EmpbLE8raPnWw