www.istartsurf.com Open in urlscan Pro
50.97.48.52 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.istartsurf.com/?type=hp&ts=1442847318&z=79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g&from=cor&uid=TOSHIBAXMQ01ABD...
Submission: On March 02 via manual (March 2nd 2021, 6:20:06 am UTC) from AU

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 50.97.48.52, located in Chantilly, United States and belongs to SOFTLAYER, US. The main domain is www.istartsurf.com.

This is the only time www.istartsurf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	50.97.48.52 50.97.48.52	36351 (SOFTLAYER) (SOFTLAYER)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
29	9

3 50.97.48.52 (Chantilly, United States)

ASN36351 (SOFTLAYER, US)
PTR: 34.30.6132.ip4.static.sl-reverse.com

www.istartsurf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.oceansfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

673d026a400eba66864976b610dd7654.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com 673d026a400eba66864976b610dd7654.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	130 KB
5	ampproject.org cdn.ampproject.org	100 KB
5	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	131 KB
2	google.com 1 redirects adservice.google.com www.google.com	826 B
2	oceansfx.com www.oceansfx.com	2 KB
1	google.de adservice.google.de	799 B
1	istartsurf.com www.istartsurf.com	4 KB
29	7

	Domain	Requested by
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.oceansfx.com tpc.googlesyndication.com cdn.ampproject.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.oceansfx.com securepubads.g.doubleclick.net
2	www.oceansfx.com	www.istartsurf.com www.oceansfx.com
1	googleads.g.doubleclick.net	www.oceansfx.com
1	www.google.com	1 redirects
1	673d026a400eba66864976b610dd7654.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.istartsurf.com
29	11

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.istartsurf.com/?type=hp&ts=1442847318&z=79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g&from=cor&uid=TOSHIBAXMQ01ABD100_Y4HHC0YCTXXY4HHC0YCT
Frame ID: A6B2F3D94D53AA7597BD3AEBD50E869A
Requests: 1 HTTP requests in this frame

Frame: http://www.oceansfx.com/t1.html
Frame ID: 959530E7EB6CC80A339C99DE392D0FBB
Requests: 1 HTTP requests in this frame

Frame: http://www.oceansfx.com/y5.html
Frame ID: B920DE24A786148A3297E45BA0495D10
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs
Frame ID: CD071C21EC797D1DAC29613EB8FCFE0F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DEFC2A22EC995E0A75962AE50926B956
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Tengine (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Tengine/i

Page Statistics

29
Requests

90 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

368 kB
Transfer

888 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.istartsurf.com/ 12 KB
4 KB 1115ms
178ms Document
text/html 50.97.48.52
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://www.istartsurf.com/?type=hp&ts=1442847318&z=79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g&from=cor&uid=TOSHIBAXMQ01ABD100_Y4HHC0YCTXXY4HHC0YCT
Protocol: HTTP/1.1
Server: 50.97.48.52 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 34.30.6132.ip4.static.sl-reverse.com
Software: Tengine/1.2.2 / PHP/5.3.14
Resource Hash: 2ddbd3709ab2cd28e0bc3588113eb371edb6ca78821f52203d40e968ad182a82

Request headers

Host: www.istartsurf.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: Tengine/1.2.2
Date: Tue, 02 Mar 2021 06:19:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.14
Cache-Control: max-age=0
Content-Encoding: gzip

GET
H/1.1 200
OK t1.html Show response
www.oceansfx.com/ Frame 9595 317 B
549 B 199ms
177ms Document
text/html 50.97.48.52
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://www.oceansfx.com/t1.html
Requested by: Host: www.istartsurf.com
URL: http://www.istartsurf.com/?type=hp&ts=1442847318&z=79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g&from=cor&uid=TOSHIBAXMQ01ABD100_Y4HHC0YCTXXY4HHC0YCT
Protocol: HTTP/1.1
Server: 50.97.48.52 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 34.30.6132.ip4.static.sl-reverse.com
Software: Tengine/1.2.2 /
Resource Hash: 477be8f6c53fafc22055f9c9fd73d76a8d02d6b6826f1e0cc05d029b97bec053

Request headers

Host: www.oceansfx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.istartsurf.com/?type=hp&ts=1442847318&z=79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g&from=cor&uid=TOSHIBAXMQ01ABD100_Y4HHC0YCTXXY4HHC0YCT
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.istartsurf.com/?type=hp&ts=1442847318&z=79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g&from=cor&uid=TOSHIBAXMQ01ABD100_Y4HHC0YCTXXY4HHC0YCT

Response headers

Server: Tengine/1.2.2
Date: Tue, 02 Mar 2021 06:19:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 317
Last-Modified: Tue, 25 Dec 2018 08:29:24 GMT
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK y5.html Show response
www.oceansfx.com/ Frame B920 844 B
1 KB 92ms
91ms Document
text/html 50.97.48.52
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://www.oceansfx.com/y5.html
Requested by: Host: www.oceansfx.com
URL: http://www.oceansfx.com/t1.html
Protocol: HTTP/1.1
Server: 50.97.48.52 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 34.30.6132.ip4.static.sl-reverse.com
Software: Tengine/1.2.2 /
Resource Hash: aa55ee2fff9b58d7152dbd0af39c2ae0b1ba2774ba3d5ab19b1b66748fd06891

Request headers

Host: www.oceansfx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.oceansfx.com/t1.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.oceansfx.com/t1.html

Response headers

Server: Tengine/1.2.2
Date: Tue, 02 Mar 2021 06:19:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 844
Last-Modified: Wed, 25 Sep 2019 10:22:55 GMT
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B920 55 KB
19 KB 37ms
14ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.oceansfx.com
URL: http://www.oceansfx.com/y5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 06:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "799 / 387 of 1000 / last-modified: 1614640338"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19330
x-xss-protection: 0
expires: Tue, 02 Mar 2021 06:19:46 GMT

GET
H3-Q050 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B920 287 KB
101 KB 37ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 06:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Tue, 02 Mar 2021 06:19:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B920 107 B
799 B 37ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.oceansfx.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 06:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B920 107 B
553 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oceansfx.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 06:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B920 40 KB
10 KB 521ms
520ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1913180668728403&correlator=1381033501082332&output=ldjh&impl=fifs&eid=21068111%2C21065725&vrg=2021022501&ptt=17&sc=0&sfv=1-0-37&ecs=20210302&iu_parts=267253979%2Clinzong%2Coceansfx-300*250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cdm=www.oceansfx.com&bc=23&abxe=1&lmt=1569406975&dt=1614665986843&dlt=1614665986705&idt=121&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=0&adys=0&adks=1709256188&ucis=99ry1gt102l8&ifi=1&ifk=1007797161&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fwww.oceansfx.com%2Fy5.html&ref=http%3A%2F%2Fwww.oceansfx.com%2Ft1.html&top=http%3A%2F%2Fwww.istartsurf.com%2F%3Ftype%3Dhp%26ts%3D1442847318%26z%3D79c33a0582345639eb5d119gaz0zcocb5zcm4gez5g%26from%3Dcor%26uid%3DTOSHIBAXMQ01ABD100_Y4HHC0YCTXXY4HHC0YCT&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x-1&ga_vid=2044722784.1614665987&ga_sid=1614665987&ga_hid=209446179&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a55c846a97eebdb577bb0ba49b3183c91d672d913bcb6db30da2a8eade7bce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 06:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10163
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.oceansfx.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
673d026a400eba66864976b610dd7654.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B920 0
0 47ms
14ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://673d026a400eba66864976b610dd7654.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B920 0
0 26ms
6ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011202030000/ Frame CD07 187 KB
52 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f393602199ec6ca3e58a2e993e1e5cfb4ead7d1e970edfda1526419f6bfebbbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 445561
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53598
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 02:33:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dadbef2cde78a425"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 02:33:46 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011202030000/v0/ Frame CD07 13 KB
6 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011202030000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9845a84140048e0220462ae7e9ef0b817f9575cce0d69ebb64a91e2d63fdfee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 383901
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 19:41:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e013278ead2acad8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 19:41:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011202030000/v0/ Frame CD07 90 KB
27 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011202030000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c2fc40a8138ccf3b09d35efbf1409f7859700a573dc9bc0bbc5eb346ec6ca7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 354332
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27701
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 03:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5c90db2aa9aed9b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 03:54:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011202030000/v0/ Frame CD07 3 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011202030000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad869d60e6c97221cbf8e5f6f375f97b65067ffc8a8a1c61307ed46c9ffb71e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 42534
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
server: sffe
date: Mon, 01 Mar 2021 18:30:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee2fcd04144120a6"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 18:30:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011202030000/v0/ Frame CD07 41 KB
13 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011202030000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df41573ad6a049999e7f4f9da23288330e3f589c54cdbc3ccd9dd51bc5084546

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433497
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 05:54:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "52961b8c810f9351"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:54:50 GMT

GET
DATA 200
OK truncated
/ Frame CD07 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78396729b55d22f1a3606a55a06c34fcc3396ba0fc85c1a78ca8bc7d288e1058

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 3807879235055949906
tpc.googlesyndication.com/simgad/ Frame CD07 50 KB
50 KB 39ms
24ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3807879235055949906?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmrZ-Dji0K2tHHhOJGdaEeIdTNscA

Requested by

Host: www.oceansfx.com
URL: http://www.oceansfx.com/y5.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec6112e35352cab98df8e3ef07130cf814234509c2522e5ffb830d0ce721a197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Feb 2021 08:53:45 GMT
server: sffe
age: 227431
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50757
x-xss-protection: 0
expires: Sun, 27 Feb 2022 15:09:16 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD07 2 KB
3 KB 36ms
22ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.oceansfx.com
URL: http://www.oceansfx.com/y5.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 34372
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD07 295 B
748 B 35ms
21ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.oceansfx.com
URL: http://www.oceansfx.com/y5.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 28962
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 02 Mar 2021 22:17:05 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CD07 0
0 30ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuIuwAtk9YN6oNZGmx_AP7I2xgA_M9c7QYfzDnaSADcCNtwEQASCx1rojYJX68IGMB6AB_66tzwHIAQLgAgCoAwHIAwiqBM0BT9A7o2p8Ekq2RtuKSUwhjmqbPYhTHpCq5g4eSrZ0i8uK22drw2Z87E8PKdDoFzc9fAr5iZmN2IyMXwE-U3xTXviv51a8LSu20Ed3H87vuQDpTxNPPejwtUFhTJseSMngIy3zMth-glfDtx0cL5DaboMkPsp5wMrG7lplM38RTXdOjiF5d8ln7o5KwTnBqEwl2bofmFFbgNiX0MLpxnBR_6y2JCDLVuevKLnry8hSj019yA6LCeU92EGeEgnt7-feksL7dOYZkutKaRbJq8AEnNuqtswD4AQBkgUECAQYAZIFBAgFGASgBgKAB-nQ0rACqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOSgVdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzQyODQyNjcxNTg0NjEwMIAKA8gLAdgTDbIXGgoYCAASFHB1Yi01ODczNDMzNTU5NTY4MDE1&sigh=3a_ESy90kkc&tpd=AGWhJmuEIDIRt8bsN3x_EGsDvIr0F3U_YjdegBKBi4UvfiLETA
Requested by: Host: www.oceansfx.com
URL: http://www.oceansfx.com/y5.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B920 9 KB
7 KB 41ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0548a1de769dbc6d092e1adddd83b8a329a8bde4b38df7048faad6f71a03ebd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 06:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6629
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B920 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 06:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 02 Mar 2021 06:19:47 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CD07
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.oceansfx.com
URL: http://www.oceansfx.com/y5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Tue, 02 Mar 2021 06:19:47 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DEFC 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.oceansfx.com/y5.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.oceansfx.com/y5.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 02 Mar 2021 00:12:28 GMT
expires: Wed, 02 Mar 2022 00:12:28 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
pagead2.googlesyndication.com/bg/ Frame DEFC 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 413636
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Fri, 25 Feb 2022 11:25:51 GMT

GET
H3-Q050 200 3807879235055949906
tpc.googlesyndication.com/simgad/ Frame CD07 50 KB
50 KB 8ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3807879235055949906?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmrZ-Dji0K2tHHhOJGdaEeIdTNscA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec6112e35352cab98df8e3ef07130cf814234509c2522e5ffb830d0ce721a197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Feb 2021 08:53:45 GMT
server: sffe
age: 227431
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50757
x-xss-protection: 0
expires: Sun, 27 Feb 2022 15:09:16 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD07 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 34372
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD07 295 B
320 B 8ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 28962
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 02 Mar 2021 22:17:05 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B920 0
224 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=1913180668728403&bg=!m5ilmNvNAAXB_3NtwTsAKQB2-Dxan0hyYPvi3VzfZ4VjTwvbztuVy8wdl7_UpDtuXywP9I0knCGeAgAAAENSAAAAC2gBBwoADN2BAJXMf1xn8QRCu5kCFx_EMzObQlCcNxoTYWEEPXKA8ky-b6G02aoGaQ_kVl-9A1W9gDg4NMmt0rP6E3N8ErjZp3fUO9nolrnWwABmKIzBf2DtPbwJr9TrvScGVf1w6vbQBqpXXGvmQNluw5HFKryWL8X4J-C-czneXICrQofVf1L21ejasIR9uBbsXhE73uva48omwJAJlhpRPEjIH1KRfp6s7hdI-LphxU1cJtVA7ASrsZwB6FU2HEFYSlS-z5eVToTaQMkprzaU8p1c9B09X-fzits-R1dQp_zVY0yS3Jkz75399UMXnpdSh4mQB_MI3Kt_O_92CljFuYBRwICovNtIAiI3AZgbSa3oVdul5N9rV93BYVTKbVgTl5O1ORWTsxWdFYG6yR5g_bzEUaVQSLJRMATnVidkXFGVHu-hRaqNHotqVVwYfpUvlv6vlo2kiZ1tNqxjQ1KHfULOJmkZa6vSFkJM20RZ1pOkj4nTm4cQ9OTLeYk8aPKpKRdMHdwBmxdbqAhSTZuyft-jo3HUfjh4B2NC8V7yvPa2n9tW4JK7m0R5UssnvkVU4D4M6W8kw8YtFGGrYgJIDJqZo5jtwVedGB53I0tqq03lAx_6DOtBycxLRTrtpByZJsLV7vZGSIc-t8l2ZpsVH23naJyQ2oAfoNkLPtpHWDUxOO6Ju2QSuSOAZyRQggPW4x_6OSX3SExHOjgOoBFI40NJpzyFouAcJpI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/y5.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 06:19:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CD07 42 B
94 B 40ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8rsds8zARfokisZHtr3Z2mCfo6eyd5FFrlsjJVRf2M7zdiD1JqWXXv8UlmlicbxF9sD13Cr38NkB3pU3aIhrh6dHyJ3TWbvRtHrm48NH5fxbCSTviKqAes8gIqA&sai=AMfl-YRnmGoEHwzjR5PwE5B0tneTUx6zUiYTkUfAxBjtnrvEvn5vkpKaN0XA2axbOdlWdZFcI6pfWlaOSmQa&sig=Cg0ArKJSzJsLUQCD03pXEAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=114&tls=1114&g=100&h=100&tt=1115&r=v&avms=ampa&adk=1709256188

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.oceansfx.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 06:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2011202030000 http://www.oceansfx.com/y5.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

673d026a400eba66864976b610dd7654.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.istartsurf.com
www.oceansfx.com
142.250.186.34
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:82a::2004
50.97.48.52
0548a1de769dbc6d092e1adddd83b8a329a8bde4b38df7048faad6f71a03ebd3
2ddbd3709ab2cd28e0bc3588113eb371edb6ca78821f52203d40e968ad182a82
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
477be8f6c53fafc22055f9c9fd73d76a8d02d6b6826f1e0cc05d029b97bec053
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
78396729b55d22f1a3606a55a06c34fcc3396ba0fc85c1a78ca8bc7d288e1058
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
9a55c846a97eebdb577bb0ba49b3183c91d672d913bcb6db30da2a8eade7bce0
9ad869d60e6c97221cbf8e5f6f375f97b65067ffc8a8a1c61307ed46c9ffb71e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c2fc40a8138ccf3b09d35efbf1409f7859700a573dc9bc0bbc5eb346ec6ca7
a9845a84140048e0220462ae7e9ef0b817f9575cce0d69ebb64a91e2d63fdfee
aa55ee2fff9b58d7152dbd0af39c2ae0b1ba2774ba3d5ab19b1b66748fd06891
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
df41573ad6a049999e7f4f9da23288330e3f589c54cdbc3ccd9dd51bc5084546
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec6112e35352cab98df8e3ef07130cf814234509c2522e5ffb830d0ce721a197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
f393602199ec6ca3e58a2e993e1e5cfb4ead7d1e970edfda1526419f6bfebbbb

www.istartsurf.com Open in urlscan Pro 50.97.48.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

90 %HTTPS

78 %IPv6

7 Domains

11 Subdomains

9 IPs

2 Countries

368 kBTransfer

888 kBSize

0 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.istartsurf.com Open in urlscan Pro
50.97.48.52 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

90 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

368 kB
Transfer

888 kB
Size

0
Cookies

29 HTTP transactions
1 data transactions