ultrasurfing.com Open in urlscan Pro
2606:4700:e0::ac40:6612 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ultrasurfing.com/
Submission: On August 30 via api (August 30th 2023, 8:27:25 pm UTC) from US — Scanned from DE

Summary HTTP 452 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 105 IPs in 12 countries across 64 domains to perform 452 HTTP transactions. The main IP is 2606:4700:e0::ac40:6612, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 382656.

This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:e0:... 2606:4700:e0::ac40:6612	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:780... 2a02:26f0:780::210:ca41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:300... 2a02:26f0:3000::170a:f969	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:17e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1 9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:223... 2600:9000:223c:5c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:1c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
5	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	68.183.18.251 68.183.18.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
5	23.22.92.111 23.22.92.111	14618 (AMAZON-AES) (AMAZON-AES)
89	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 8	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	209.191.163.208 209.191.163.208	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.64.142.32 3.64.142.32	16509 (AMAZON-02) (AMAZON-02)
3	18.200.206.93 18.200.206.93	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	63.32.5.54 63.32.5.54	16509 (AMAZON-02) (AMAZON-02)
7	34.107.217.107 34.107.217.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	52.222.209.4 52.222.209.4	16509 (AMAZON-02) (AMAZON-02)
1 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:2c:... 2a02:26f0:2c:2bc::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2400:52e0:1e0... 2400:52e0:1e00::1075:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	23.205.176.78 23.205.176.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.165.201.65 18.165.201.65	16509 (AMAZON-02) (AMAZON-02)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	3.210.209.86 3.210.209.86	14618 (AMAZON-AES) (AMAZON-AES)
1	18.203.189.31 18.203.189.31	16509 (AMAZON-02) (AMAZON-02)
1	2.19.85.30 2.19.85.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	34.117.132.248 34.117.132.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
23	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	54.211.96.115 54.211.96.115	14618 (AMAZON-AES) (AMAZON-AES)
1	52.18.110.117 52.18.110.117	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2602:803:c003... 2602:803:c003:200::27	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	138.199.36.7 138.199.36.7	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:80b::2010	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8 10	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	23.35.233.75 23.35.233.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 4	2a05:d018:d29... 2a05:d018:d29:3605:f821:c088:dfda:b5f7	16509 (AMAZON-02) (AMAZON-02)
2 4	18.159.70.92 18.159.70.92	16509 (AMAZON-02) (AMAZON-02)
10	72.246.169.246 72.246.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
24	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
5 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1 2	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	54.86.248.253 54.86.248.253	14618 (AMAZON-AES) (AMAZON-AES)
2	185.89.208.11 185.89.208.11	() ()
2	172.217.18.98 172.217.18.98	() ()
3	34.98.64.218 34.98.64.218	() ()
1	216.52.2.91 216.52.2.91	() ()
1	172.64.149.180 172.64.149.180	() ()
1	151.101.193.108 151.101.193.108	() ()
2 8	185.80.39.216 185.80.39.216	() ()
1 1	34.160.19.107 34.160.19.107	() ()
1	64.95.96.108 64.95.96.108	() ()
1 1	185.183.112.148 185.183.112.148	() ()
1	104.18.38.76 104.18.38.76	() ()
452	105

16 2606:4700:e0::ac40:6612 (United States)

ASN13335 (CLOUDFLARENET, US)

ultrasurfing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:780::210:ca41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3000::170a:f969 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:17e (United States)

ASN13335 (CLOUDFLARENET, US)

increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5c00:6:44e3:f8c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:1c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.18.251 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture2.analytics.hbwrapper

cat2.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.224.192.181 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.22.92.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-92-111.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tsdtocl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.208 (United States) 1 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.142.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-142-32.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.200.206.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-206-93.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.5.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-5-54.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com

static.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aegis.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2c:2bc::2c79 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1075:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.176.78 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-176-78.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.201.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-65.lhr50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.209.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-209-86.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.189.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-189-31.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.85.30 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-30.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.132.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.132.117.34.bc.googleusercontent.com

tempnextstat.bcovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.96.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-96-115.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.110.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-110-117.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.36.7 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-7.bunnyinfra.net

feed.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.233.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-233-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3605:f821:c088:dfda:b5f7 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.159.70.92 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-70-92.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 72.246.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.228.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.248.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-248-253.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.208.11 (None, )

ASN- ()

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (None, )

ASN- ()

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
digikulture-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (None, )

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.19.107 (None, ) 1 redirects

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.95.96.108 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (None, ) 1 redirects

ASN- ()

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN- ()

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
128	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 919 trc.taboola.com — Cisco Umbrella Rank: 614 vidstat.taboola.com — Cisco Umbrella Rank: 2542 am-trc-events.taboola.com — Cisco Umbrella Rank: 16233 trc-events.taboola.com — Cisco Umbrella Rank: 1999 images.taboola.com — Cisco Umbrella Rank: 1780 videos.taboola.com — Cisco Umbrella Rank: 5065 imprammp.taboola.com — Cisco Umbrella Rank: 15906 am-match.taboola.com — Cisco Umbrella Rank: 16049 wf.taboola.com — Cisco Umbrella Rank: 2698 am-vid-events.taboola.com — Cisco Umbrella Rank: 14973 vidstatb.taboola.com — Cisco Umbrella Rank: 4450 sync.taboola.com — Cisco Umbrella Rank: 998 pips.taboola.com — Cisco Umbrella Rank: 1574 cds.taboola.com — Cisco Umbrella Rank: 1786 am-wf.taboola.com — Cisco Umbrella Rank: 17391	3 MB
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 ade.googlesyndication.com	547 KB
34	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 237 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	370 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	1007 KB
22	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 510 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10495 eus.rubiconproject.com — Cisco Umbrella Rank: 593 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110 token.rubiconproject.com — Cisco Umbrella Rank: 597 pixel.rubiconproject.com — Cisco Umbrella Rank: 366	69 KB
19	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 327 aax.amazon-adsystem.com — Cisco Umbrella Rank: 404 s.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076	199 KB
16	ultrasurfing.com ultrasurfing.com — Cisco Umbrella Rank: 382656	138 KB
11	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 prebid.adnxs.com acdn.adnxs.com	24 KB
11	google.com cse.google.com — Cisco Umbrella Rank: 2932 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1504 region1.analytics.google.com — Cisco Umbrella Rank: 3238 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 460	183 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 567 ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	93 KB
7	anonymised.io static.anonymised.io — Cisco Umbrella Rank: 22231 aegis.anonymised.io — Cisco Umbrella Rank: 22585	36 KB
7	aniview.com track1.aniview.com — Cisco Umbrella Rank: 1826 player.aniview.com — Cisco Umbrella Rank: 1746 go1.aniview.com — Cisco Umbrella Rank: 6219	132 KB
7	playstream.media tg1.playstream.media — Cisco Umbrella Rank: 60566 cdn.playstream.media — Cisco Umbrella Rank: 91811 feed.playstream.media — Cisco Umbrella Rank: 75048	3 MB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	341 KB
6	bcovery.com tempnextstat.bcovery.com — Cisco Umbrella Rank: 103745	117 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 900 c.clarity.ms — Cisco Umbrella Rank: 1455 p.clarity.ms — Cisco Umbrella Rank: 11842	27 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 348	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41 storage.googleapis.com — Cisco Umbrella Rank: 393	5 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104 www.googleadservices.com — Cisco Umbrella Rank: 149	607 B
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 426	1 KB
5	bidswitch.net 2 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1078 x.bidswitch.net — Cisco Umbrella Rank: 342	2 KB
5	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 13911 track1.avplayer.com — Cisco Umbrella Rank: 16702	358 KB
5	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 121 cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	30 KB
5	quantserve.com 1 redirects edge.quantserve.com — Cisco Umbrella Rank: 17055 pixel.quantserve.com — Cisco Umbrella Rank: 928 secure.quantserve.com — Cisco Umbrella Rank: 1240 cms.quantserve.com	19 KB
5	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 15810 e3.adpushup.com — Cisco Umbrella Rank: 18406	283 KB
4	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451	2 KB
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1772 a.ad.gt — Cisco Umbrella Rank: 2369	5 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	28 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1190	104 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 751 u.openx.net digikulture-d.openx.net	594 B
4	quantcount.com 2 redirects rules.quantcount.com — Cisco Umbrella Rank: 1136	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 809 id.crwdcntrl.net — Cisco Umbrella Rank: 2424 bcp.crwdcntrl.net — Cisco Umbrella Rank: 776	12 KB
3	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 677	259 B
3	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 659 ce.lijit.com	680 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	226 KB
2	indexww.com js-sec.indexww.com cdn.indexww.com	2 KB
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1198	325 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4796	800 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 936	804 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 787	163 B
1	adotmob.com 1 redirects sync.adotmob.com	281 B
1	adgrx.com cm.adgrx.com	283 B
1	brand-display.com 1 redirects dmp.brand-display.com	366 B
1	tsdtocl.com tsdtocl.com — Cisco Umbrella Rank: 2987	1 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 365	646 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12752	1012 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 777	75 B
1	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 8123
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2835	397 B
1	teads.tv at.teads.tv — Cisco Umbrella Rank: 4767	338 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2283	312 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1809	541 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1866	10 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1074 lexicon.33across.com Failed	8 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	763 B
1	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3259	430 B
1	lockerdome.com lockerdome.com — Cisco Umbrella Rank: 9479	335 B
1	google.de www.google.de — Cisco Umbrella Rank: 6457	408 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	2 KB
1	hbwrapper.com cat2.hbwrapper.com — Cisco Umbrella Rank: 18774	260 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 733	31 KB
1	increaserev.com increaserev.com — Cisco Umbrella Rank: 122138	163 KB
0	rlcdn.com Failed api.rlcdn.com Failed
452	64

	Domain	Requested by
64	images.taboola.com
34	pagead2.googlesyndication.com	ultrasurfing.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
24	s0.2mdn.net	ultrasurfing.com s0.2mdn.net
18	cdn.taboola.com	ultrasurfing.com cdn.taboola.com
16	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net ultrasurfing.com
16	ultrasurfing.com	ultrasurfing.com
10	eus.rubiconproject.com	imprammp.taboola.com ultrasurfing.com eus.rubiconproject.com am-match.taboola.com increaserev.com
10	cm.g.doubleclick.net	8 redirects eus.rubiconproject.com
10	am-trc-events.taboola.com	cdn.taboola.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com ultrasurfing.com
9	trc.taboola.com	cdn.taboola.com
9	c.amazon-adsystem.com	2 redirects increaserev.com c.amazon-adsystem.com
9	securepubads.g.doubleclick.net	1 redirects ultrasurfing.com securepubads.g.doubleclick.net increaserev.com www.googletagservices.com
8	ib.adnxs.com	2 redirects increaserev.com acdn.adnxs.com
6	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net s0.2mdn.net
6	tempnextstat.bcovery.com	ultrasurfing.com
6	www.google.com	cse.google.com www.google.com tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	fonts.gstatic.com	fonts.googleapis.com
5	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com ssum-sec.casalemedia.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	gum.criteo.com	1 redirects increaserev.com
5	static.anonymised.io	www.googletagmanager.com static.anonymised.io
5	track1.aniview.com	player.aniview.com
4	www.googleadservices.com
4	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com ssum-sec.casalemedia.com
4	token.rubiconproject.com	4 redirects
4	googleads4.g.doubleclick.net	ultrasurfing.com
4	x.bidswitch.net	2 redirects am-match.taboola.com
4	pr-bh.ybp.yahoo.com	2 redirects imprammp.taboola.com am-match.taboola.com
4	cdnjs.cloudflare.com	static.anonymised.io s0.2mdn.net
4	feed.playstream.media	player.avplayer.com
4	fonts.googleapis.com	client googleads.g.doubleclick.net s0.2mdn.net
4	trc-events.taboola.com
4	secure.cdn.fastclick.net	ultrasurfing.com secure.cdn.fastclick.net
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	rules.quantcount.com	2 redirects ultrasurfing.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	am-wf.taboola.com	vidstat.taboola.com
3	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
3	am-vid-events.taboola.com
3	id5-sync.com	increaserev.com cdn.id5-sync.com
3	id.hadron.ad.gt	increaserev.com cdn.hadronid.net
3	ads.yieldmo.com	increaserev.com
3	player.avplayer.com	tg1.playstream.media player.avplayer.com
3	www.googletagmanager.com	ultrasurfing.com increaserev.com
3	cdn.adpushup.com	ultrasurfing.com cdn.adpushup.com
2	u.openx.net	increaserev.com
2	ade.googlesyndication.com
2	prebid.adnxs.com	increaserev.com
2	track1.avplayer.com	player.avplayer.com
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	aax-eu.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	cm.adform.net	googleads.g.doubleclick.net
2	ad.yieldlab.net	googleads.g.doubleclick.net
2	p.clarity.ms	www.clarity.ms
2	beacon-ams3.rubiconproject.com	ultrasurfing.com
2	aegis.anonymised.io	static.anonymised.io
2	lb.eu-1-id5-sync.com	increaserev.com cdn.id5-sync.com
2	c.clarity.ms	1 redirects
2	cdn.playstream.media
2	fastlane.rubiconproject.com	increaserev.com
2	targeting.unrulymedia.com	increaserev.com
2	ap.lijit.com	1 redirects increaserev.com
2	www.clarity.ms	increaserev.com www.clarity.ms
2	pixel.quantserve.com	ultrasurfing.com
2	e3.adpushup.com	ultrasurfing.com
2	cse.google.com	ultrasurfing.com www.google.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	sync.adotmob.com	1 redirects
1	cms.quantserve.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	acdn.adnxs.com	increaserev.com
1	digikulture-d.openx.net	increaserev.com
1	js-sec.indexww.com	increaserev.com
1	ce.lijit.com	increaserev.com
1	tsdtocl.com	cdn.taboola.com
1	sync.taboola.com	am-match.taboola.com
1	vidstatb.taboola.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	m.exactag.com	ultrasurfing.com
1	ssbsync.smartadserver.com	player.aniview.com
1	dm.hybrid.ai	player.aniview.com
1	imprammp.taboola.com	vidstat.taboola.com
1	storage.googleapis.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	a.ad.gt	cdn.hadronid.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	go1.aniview.com	player.aniview.com
1	videos.taboola.com
1	be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	at.teads.tv	increaserev.com
1	id.crwdcntrl.net	increaserev.com
1	idx.liadm.com	increaserev.com
1	id.a-mx.com	increaserev.com
1	cdn.id5-sync.com
1	cdn.hadronid.net	ultrasurfing.com
1	cdn-ima.33across.com	ultrasurfing.com
1	tags.crwdcntrl.net	ultrasurfing.com
1	c.bing.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	player.aniview.com	player.avplayer.com
1	secure.quantserve.com	www.googletagmanager.com
1	hb.minutemedia-prebid.com	increaserev.com
1	lockerdome.com	increaserev.com
1	rtb.openx.net	increaserev.com
1	grid.bidswitch.net	increaserev.com
1	htlb.casalemedia.com	increaserev.com
1	clients1.google.com
1	www.google.de
1	cdn.jsdelivr.net	increaserev.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cloudflare.com	increaserev.com
1	cat2.hbwrapper.com	increaserev.com
1	edge.quantserve.com	cdn.adpushup.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	code.jquery.com	cdn.adpushup.com
1	increaserev.com	ultrasurfing.com
1	tg1.playstream.media	ultrasurfing.com
0	api.rlcdn.com Failed	increaserev.com
0	lexicon.33across.com Failed	increaserev.com cdn-ima.33across.com
452	128

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
chrome.google.com
ultrasurf.us
popup.taboola.com
photovoltaik-muensterland.de
trc.taboola.com
breariancounstone.com
veration-cellyric.com
www.supremacy1914.com
quelancepitylus.com
www.boersenwissen-aktuell.de
pleximed.de
maximparerurehab.com
www.gutes-hoeren.de
beerdigungskosten.org
track.sandr-clicks.com
www.combatsiege.com
electricitygasproviders-de.space
das-immo-portal.de
service.search.de.pricecomparison.it
www.tippsundtricks.co
www.sonnenwelt.de
navy.quest
pakmeit.com
www.enpal.de
www.sixx.de
rfvtgb.dailysportx.com
intouch.wunderweib.de
playstream.media
cdn.remedy-101.com
xcraft.net
www.juskys.de

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
wl.aniview.com R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-26` - `2024-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
cat2.hbwrapper.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-04` - `2023-11-01`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.avplayer.com GeoTrust TLS RSA CA G1	`2023-08-14` - `2024-09-13`	a year	crt.sh
*.aniview.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-04`	10 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
anonymised.io GTS CA 1D4	`2023-07-25` - `2023-10-23`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
cdn.playstream.media R3	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
a-mx.com E1	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
tempnextstat.bcovery.com GTS CA 1D4	`2023-08-04` - `2023-11-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
feed.playstream.media R3	`2023-07-29` - `2023-10-27`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tsdtocl.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-15` - `2023-12-31`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2023-05-31` - `2024-06-30`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh

This page contains 40 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: 79DD59D894414F6BAEFD1C48A71DCCCB
Requests: 241 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20190131/zrt_lookup.html
Frame ID: 69F494EF95EE91FBFFDFFCCEE35A3905
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6446608883ac0940fc0b13ca
Frame ID: B6DE2CD47A6B9800AF87FD83E9C22263
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&adk=1812271804&adf=3025194257&lmt=1693420028&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693427227505&bpp=4&bdt=695&idt=847&shv=r20230829&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8514014216088&frm=20&pv=2&ga_vid=1504099132.1693427227&ga_sid=1693427228&ga_hid=1310672055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077324%2C31077372&oid=2&pvsid=1277819846769102&tmod=456507242&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=878
Frame ID: E0A66FC986D6321BA23B5CEA1D64891D
Requests: 1 HTTP requests in this frame

Frame: https://be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFF64907905CE32E137D5A997FF8E4C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=3549011610&pi=t.ma~as.1261171629&w=300&lmt=1693420028&format=300x250&url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&wgl=1&dt=1693427227510&bpp=1&bdt=700&idt=1001&shv=r20230829&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8514014216088&frm=20&pv=1&ga_vid=1504099132.1693427227&ga_sid=1693427228&ga_hid=1310672055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=975&ady=327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077324%2C31077372&oid=2&pvsid=1277819846769102&tmod=456507242&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6NUtT9qzf8&p=http%3A//ultrasurfing.com&dtd=1008
Frame ID: 1BBBDF32748E3A65614AB8E47BA52815
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmmEXH6aCAU6tLzqv2jrd0su9ON-KKkqNQyR6ZgYaok654Inp458YVQMbruPng5jB6_03hq5yN86Ik-IsqWdkTUEIr2xVS0AzJwnCXgotIo4U6dt2w_OdVHpw96ntz9FGwtNJjDNqfMurW9FaLmvhoQs9wzxYFtTLKr80wCNwrKesultuA6Te-M6k-ChM5rtd6i41szjPvRKOuah_WyjCk2PJd8pnbVW1x5k7-QW_uEd99vm6AlqNSEnd1nYKGfoEqTU_cIaqgqp-RyIfxNnkeXtoa-8FIVKlFIFZPLhAZrTvxT3-0LwlKx4At4N3NdNoK3ElEOO4iFSHLvNXd-4yaNEZnE7Ouf7ST&sai=AMfl-YRAdtMbjjq9I2aXm3sNreIWyO0KZldPTojjbAhBGXw30UlUCLaDaDf-rbSRbXPV4YX_G-e8NhJWB5foXG5-2X9_nJBXfWCxmV53f8RgKMU&sig=Cg0ArKJSzLo8eQLeOH_LEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BF54A1267CC3777C4E71E7439E9CC33F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGKr3tPQBMAE&v=APEucNXVDICOk5d87nZqbd3kXCdA1VZQoUBuaLik3f9qyfIBwrCfYtZWsnB_AEHOgbZEDUCKbyQbIcudMoeMjbcG740tMc_ctA8e8MCgIbmeQHBKDdScooaLSofPFxJkZAvjSmXGtt-7K9v8XRtrlCEDZNK8khlscni1PcclOa13xL1FfG7Avcg
Frame ID: F271D73A1172D3039DB06741E02DF2AA
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss55lRuM0uHya8rOZ4JDokhNWBeYTZ05uX7T58oEep207-j4LcWUr8YUr90-8Qt4aW5pVemnF5juDazBCLCM5vc3Re3FOUtNKFSVdqX9fWq2FUeGCwo880qTa3K19-08V3yJMrB2gsBW7z8CHVZR-zgI3hk9l9qpN5MI9UsMorZS90uWJs7FQtNrg4tfWlZigILXpQ5TcGDR_ASOJRhtRfXq9_q-Yly3g9X41WyfHRZs4JTRlK8v60BOmBvZrhO0WklLh7-ltxD5Qh8qnOTfr8bSlhlCrfFyv4ft1dOjcpNj3N4zzvhFXkafQg0_c6jxzAbhFSRYJse_yyCXt1zoNHtyMkY8tXh5g&sai=AMfl-YTnI1dHZDzBXrNJQBK_TZI8uqCDvnuZKclCow9au8JobfkUMHkYXbR5K81bnMfOOvdkiE5EWtAufzmEEVzJC3b_KzZlhuwEDGwvuMdMgww&sig=Cg0ArKJSzFWr9gWx3pnsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5A5842EA825B062CFB0C3DCAF44476AC
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGMLihuUBMAE&v=APEucNXd5-72HiN1db3ia6CequBCKJcz-N4wRja_Zfk-vc8UB3txw3E68GBydhrYCdKxVGFDMLoiq8TyST64J_DH5zgzlrMEYoz7ifG6boAvkIrv9_GGtLuBkqk9DliOTyW2RvwLsTr-Coj-MMb0LVDaas8GEuNOsEqCF0ID6vNkq3XZkv_qX4M
Frame ID: D6B2B69801CA546B4B8B248255C5641B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EE6D18548ABE6E8E9CFE0B2143E18CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80BB37CFD8E7D44286A260E6AE3146F1
Requests: 2 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=undefined&cb=1693427229535&uv=3322&tms=1693427229535&abt=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=51698f32-a97b-43eb-9a0c-2748bda78255&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 0E5D5B307D0F6D99FA7BBF85A3F19653
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0D2F28B3E3D7393AE5AE524EE866DBDF
Requests: 4 HTTP requests in this frame

Frame: https://dm.hybrid.ai/match?id=407&vid=1693427229279-952420803239-001362-007-007440&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693427229279-952420803239-001362-007-007440%26biddername%3D166%26pid%3D5e7b9048180bd02ded4b0937%26key%3D%24%7BVID%7D
Frame ID: 374FA2B1910647873F3068E6B6A9346E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=33&gdpr=1&gdpr_consent=&rdir=
Frame ID: 898A2D64C55DB5B9C25F1A926E4F4297
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: D0F23B0E5A8B232B16B7E8C3C5651659
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F329A5499D822D39E24E12DFF65A98BD
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0753B3763D42C032A6B113C4E1B24683
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 602E8A32DE38FDE9391EDD96CF325F1E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1
Frame ID: D78F4F6801300BBE94BDC1BF76AAB9BD
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250
Frame ID: 660309FF21AAB026CCD5F4556D6FE612
Requests: 9 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 207E3F1731D2589A03E24CE4DA264FFA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
Frame ID: 44DAE2ED57659C0693E1378EC72509CB
Requests: 19 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C03C7835C9B62162FA960A43E3661AE3
Requests: 3 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 392B0CE2ECF28763F866352569E3FE5F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: F72BBBB74AD390EE34B65C7A7E6A4890
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 35239C3E0684A60C07772806496E8459
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: 924E5291F9A3EB75A1DEDA3322C83A69
Requests: 1 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/ultrasurf-bcovery/loader.js
Frame ID: 84E295B9D26B006AF641D0026ADB5FCE
Requests: 28 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: 45385C54A2836BE12BBF122DEA195D00
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: FA059829269CB49A27A3409C3F8740F0
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: D7F612FB2AD7D51A9C7E741D5F5E0675
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6BEFA4DACB7907AB309AFD1AD78BC3AD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 88FC24C638641C81BD645C4B4E831D77
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: BCAB45CD2A70DA761583E02D5B5CF772
Requests: 1 HTTP requests in this frame

Frame: https://digikulture-d.openx.net/w/1.0/pd
Frame ID: 3747DD685031A5A871919BFF9F0B4686
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4C49739CCA64FB46E30E9EC1C19F68D9
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E2CEBA72AC07754554560AA27A5F825B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D04909FB49E7967A44D200DB52DF06BA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ultrasurfing.com/ suchen

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

452
Requests

80 %
HTTPS

42 %
IPv6

64
Domains

128
Subdomains

105
IPs

12
Countries

9967 kB
Transfer

20212 kB
Size

34
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/ultrasurf-vpn/id1563051300
Title: Ultrasurf iOS VPN

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.ultrasurf.mobile.ultrasurf
Title: Ultrasurf Android VPN

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/ultrasurf-security-privac/mjnbclmflcpookeapghfhapeffmpodij
Title: Ultrasurf Chrome Extenstion

Search URL Search Domain Scan URL

URL: https://ultrasurf.us/download/usf.exe
Title: Ultrasurf Windows Client

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbnails-b:Above%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://photovoltaik-muensterland.de/strom-sparen/
Title: Schlau in PV

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~-6158804628475049956~~dIGxXw_Mf7wcGbEid4GzATX6i8ELy7ruHFxXf_CHtwHnoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwaIc-1jh62LGjXz4uqFcweex848x1EnPupvJXYEuvt2ZcoZQR8wsezSKqVAgtDCZ1EXW4MJSXZ6sq6EzxEDTRJ9c1iRr1o8LeEowK1QiOZRzzjOwckPJ2SiR-XrfvSNrvA&pt=home&li=rbox-h2m&sig=e9c0085f202797226ffe7da3b39801fee344c4ae87dd&redir=https%3A%2F%2Fphotovoltaik-muensterland.de%2Fstrom-sparen%2F%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_campaign%3D2308_sipv_leads_desktop%26utm_content%3D7_familie_baby_region_kosten%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCHjGEo6NfGoq7y5sAe%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCHjGEo6NfGoq7y5sAe&vi=1693427228020&p=ppcgmbh-schlau-in-pv-sc&r=71&tvi2=12316&lti=deflated&ppb=CJMG&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://breariancounstone.com/1f01a89a-934a-4e03-a0b0-0413b0e7f47a
Title: Lounge 777

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~-8592947190648400169~~3JgeA_x80wDx0Rw5BOA22OqQehhmWtonFZ4Kk_IAAlAaslpXktycoP2VDqeVyYl5Q3iQj1fuxYoCsRH8_XbTg69qK3QjJDKmAPmNVh77JGz9Q132cbs974pRFDdwjhz1_xU29Z896QqOSDoDdnV7800vDGrsdo1gtYEVN58eQO58jlksCraXGz6uglzzZgrk&pt=home&li=rbox-h2m&sig=9765e3971c1f30ca06124072a336d4cb936aaca4c93a&redir=https%3A%2F%2Fbreariancounstone.com%2F1f01a89a-934a-4e03-a0b0-0413b0e7f47a%3Fsite%3Dultrasurf-ultrasurf%26site_id%3D1110515%26title%3DFrauen%2B%25C3%25BCber%2B35%2Bsind%2Bverr%25C3%25BCckt%2Bnach%2Bdiesem%2Bkostenlosen%2BSpielautomaten.%26platform%3DDesktop%26campaign_id%3D20064943%26campaign_item_id%3D3461036768%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F66fdc11f6f1741b5db99b05dc22b8645.png%26click_id%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDw31AosqvTx63hi80r%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDw31AosqvTx63hi80r%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDw31AosqvTx63hi80r&vi=1693427228020&p=veisemedia-bitflyer-sc&r=2&tvi2=12316&lti=deflated&ppb=CJMG&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Jetzt anmelden

Search URL Search Domain Scan URL

URL: https://veration-cellyric.com/ae5cf1ad-1f2b-4d7c-93aa-29fc47cec740
Title: Game of Thrones

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~7471270735970214609~~v8YCP20fjuP_7hLM4MNbBoNL3PPHqo4eKSAt71Ul4qF9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kKSStH-Si2L_3-Ys53mt8fEG-VM3fxpSf8KJYHoGkoY1GTYq8vjNtFC7ZZBRiipddWgTCrUG8YvjfaNlYeqFd1Y8AcG1c6seag0AI_rH09A5RciOyCkqT0Kz6ww4w03d1g&pt=home&li=rbox-h2m&sig=b868884a7119825bfd7542d3c2c9636d1933ddf5089a&redir=https%3A%2F%2Fveration-cellyric.com%2Fae5cf1ad-1f2b-4d7c-93aa-29fc47cec740%3Fsite%3Dultrasurf-ultrasurf%26site_id%3D1110515%26thumb%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fe574d0774c48691f3af0ae2061af35d3.png%26title%3DWenn%2Bdu%2B%25C3%25BCber%2B40%2BJahre%2Balt%2Bbist%2Bund%2Beinen%2BComputer%2Bbesitzt%252C%2Bist%2Bdieses%2BSpiel%2Bein%2BMuss%2521%26campaign_id%3D26772880%26campaign_item_id%3D3721510767%26ntk%3D50%26click_id%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCXwkgo7K2u-eXsttgL%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCXwkgo7K2u-eXsttgL%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCXwkgo7K2u-eXsttgL&vi=1693427228020&p=pwn-got-sc&r=62&tvi2=12316&lti=deflated&ppb=CJMG&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://www.supremacy1914.com/
Title: Historisches Strategiespiel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=1a73f1f899510dd464f2ed09a4ad16cc&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~7603993117253845357~~IIt8O3uq8SiI58JwRqIz0ZsW-3aER-MksgkjZS6VbxznoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwUe_XkF8drl9dZ2q19gBAnfOOwel1PY6rhhh-1PjY6Kx3UtW1vVwnlj74NetaGJLsniCbOvxcbQC65OIdODIAdZhMhrfRGxFp4J6vL_4sEcOQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=home&li=rbox-h2v&sig=bcf7063afaac86f46425350a5a3fc75afa2498a10ab4&redir=https%3A%2F%2Fwww.supremacy1914.com%3FL%3D1%26r%3D95050%26placement%3Dultrasurf-ultrasurf_1110515%26c%3D3722551295%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCnpEsoqIq48faDifKIAQ%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCnpEsoqIq48faDifKIAQ&vi=1693427228020&p=bytrolabsgmbh-supremacy1914-sc&r=76&tvi2=12316&lti=deflated&ppb=CLUE&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://quelancepitylus.com/38af9409-8a4b-4a07-9b95-b419150020d9
Title: GAIO

Search URL Search Domain Scan URL

URL: https://www.boersenwissen-aktuell.de/5-dividenden-stars/
Title: Investor empfiehlt

Search URL Search Domain Scan URL

URL: https://pleximed.de/desktopde1
Title: PlexiMed©

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=431be7479037af9d98935ef776f782bc&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~5479885972435581407~~NQ1DTp0fO-s7j3yjfkpBoMtkijtnAIgix9Nl51Pnos4e79Ni-eBnd8iQ4KmvvX-Q9OodBYAJsYsZd4s8hdkv4ho-KrN5xrfUzBMnkpYR2unRKXmzzrBxWo_le0o32zHHJGJrPzw41Su5IhhqaxJ8fo-3LjbxdV-CNz46eMR5cYGn9LSKDzvDmU5XdDJxLcwR&pt=home&li=rbox-h2v&sig=5521c15163b77ab640c1475219af71c59c43b7694009&redir=https%3A%2F%2Fpleximed.de%2Fdesktopde1%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCLpWEoyqKhsJuZ0IMo%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCLpWEoyqKhsJuZ0IMo&vi=1693427228020&p=philipprenseneinzelunternehmen-pleximed-sc&r=46&tvi2=12316&lti=deflated&ppb=CL0C&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Weiterlesen

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/fe859dd9-9391-4d09-a945-1a40d281bf76
Title: PV Angebote

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=5c543b03fc68cffaaaa758217529550d&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~-4403644459126737389~~bHVoMcnp6SC9_gtT6ORECOeZA_DjL9VEIABt9GNY0yUndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcRtMUwo-H2zCE_QWzxLHq2uPZNe54tBXp-ZZeiUiCfgN7e26vu5tsdp1cDmTwLBmKVr3w6v3KB3YPj_j1_ko4-oALg2FOJTQ10DDJRw1Q7tN3bjkuEgC38IYviVCjAPsEWhvi8A4wlvMb6rwUyqD1yivU5Y-EiKtkvfIkjoyD4E0uq180H09KMMGWKDra9vB9w&pt=home&li=rbox-h2v&sig=514cf7a52e931b2216d03119a6e924647d71d84da08b&redir=https%3A%2F%2Fmaximparerurehab.com%2Ffe859dd9-9391-4d09-a945-1a40d281bf76%3Fsite%3Dultrasurf-ultrasurf%26title%3DSolarpflicht%2Bin%2BPrivathaushalten%253F%2BStaat%2Bbietet%2B2023%2Bungew%25C3%25B6hnlichen%2B%2522Anreiz%2522%2Bf%25C3%25BCr%2BH%25C3%25A4user%2Bmit%2B...%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F0e610f0421fe0c39e0dcc0044cadabcd.jpg%26campaign%3DDE_Solar2_IntEx_Desktop2%26utm_content%3D3727274338%26conversionname%3DXO_Lead%26click_id%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDjil4oicCK6fOlz8S7AQ%26utm_medium%3Ddis_nat%26utm_source%3Dtaboola%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDjil4oicCK6fOlz8S7AQ%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDjil4oicCK6fOlz8S7AQ&vi=1693427228020&p=wattfoxgmbh-new-solar2-sc&r=3&tvi2=12316&lti=deflated&ppb=CNYE&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.gutes-hoeren.de/technikwunder-unsichtbares-hoergeraet-v2/
Title: Gutes Hören

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/89e8bbd9-9810-456d-84eb-561a7ef7884a
Title: Das Immobilienportal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=cb5f488da8e07fe104d2b42c25d6150d&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~5589380822228658847~~TFIEu2JvHi33XFpgj1phaiGzzVkh0RBGbqULwZhei4B9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kPTqHQWACbGLGXeLPIXZL-KWN2uFrTg0u_auYZZ-mCPM9GELAxkB-jr6qsYPAyjsrOrE-DYdOg2YY-uNaZpaQJ-Pty428XVfgjc-OnjEeXGBp_S0ig87w5lOV3QycS3MEQ&pt=home&li=rbox-h2v&sig=726c8f4e0a3fbd4216c32faf703802a1b12f96321a30&redir=https%3A%2F%2Fmaximparerurehab.com%2F89e8bbd9-9810-456d-84eb-561a7ef7884a%3Fsite%3Dultrasurf-ultrasurf%26title%3DExperte%2Bgesteht%253A%2B%2522Hausverk%25C3%25A4ufer%2Bk%25C3%25B6nnten%2B2023%2Brichtig%2Babsahnen%2522%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252FGETTY_IMAGES%252FIBK%252F200538988-005__ycADrecK.jpg%26campaign%3DDE_Immo2_Desktop1%26utm_content%3D3722177802%26conversionname%3DLead%26click_id%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCwxV0ot676zeLqoJgC%26utm_medium%3Ddis_nat%26utm_source%3Dtaboola%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCwxV0ot676zeLqoJgC%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iCwxV0ot676zeLqoJgC&vi=1693427228020&p=wattfoxgmbh-new-immobilien2-sc&r=66&tvi2=12316&lti=deflated&ppb=CI4C&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://beerdigungskosten.org/nbl-bestattungen-2021-warteliste-v14/
Title: beerdigungskosten.org

Search URL Search Domain Scan URL

URL: https://track.sandr-clicks.com/d4dbba3d-e190-4f9c-8117-f5ab43f1c9a9
Title: @CHIP_online

Search URL Search Domain Scan URL

URL: https://www.combatsiege.com/
Title: CombatSiege

Search URL Search Domain Scan URL

URL: https://electricitygasproviders-de.space/
Title: Beste Stromanbieter

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=be6345fbd41fc26ef37aac9588b688c2&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~-8008571313447422369~~eFNWac3ybT8iQVTKOQbEsUog8gsnb3rlJ5RxMbNCpM19_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kCf1P1jxHcE5td_gGW9B2uK2hfkJbAwohiCzQMurbDc3oN2RMrZZy4RF9y2z5PmSzqkhal5H829Q7J2Pj12VwOoaE3iK7ebMf8nQ4vZ9kk8x4nihmyDN13ihF0TfT4aHNg&pt=home&li=rbox-h2v&sig=d28bf6680d24cb598894b00ead1ab06dbfc56fef5906&redir=https%3A%2F%2Felectricitygasproviders-de.space%2F%3Fnetwork%3Dtaboola%26site%3D1110515_ultrasurf-ultrasurf%26adtitle%3DDie%2B10%2Bbesten%2BStromanbieter%2B2023%2B%2528Hier%2Bist%2Bdie%2BListe%2529%26sub1%3D26874361%26sub2%3Dultrasurf-ultrasurf%26sub3%3D2023-08-30%2B20%253A27%253A09%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDy_1gohI_T3o7Y-IZG%26kw1%3DBilligster%20Strom%20und%20Gas%26kw2%3DDie%20Billigsten%20Stromanbieter%20%26kw3%3DPreisvergleich%20Stromtarife%20%26kw4%3DStromanbieter%20Vergleichsportal%26kw5%3DVeryvox%20Stromvergleich%26kw6%3DG%C3%BCnstige%20Stromversorger%20Deutschland%0A%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDy_1gohI_T3o7Y-IZG&vi=1693427228020&p=medianet-autos21-pp&r=7&tvi2=12316&lti=deflated&ppb=COcE&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDA0NzE4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwjrSBCcYBgCZGMIqjUQiE0YMmRjCNcWENUfGCNkYwjUFBDyHBgHZGMIlhQQmhwYGGRjCNIDEOAGGAhkYwj1__________8BEPX__________wEYC2RjCKQnEIo1GC9kYwj0FBCeHRgfZHgBgAECiAGkx5L4AZABHJgBgsGDwaQx&cta=true
Title: Jetzt Suchen

Search URL Search Domain Scan URL

URL: https://das-immo-portal.de/rente-plus-immobilien-teilverkauf/
Title: Immo-Portal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=b9418b18a86e9ad46948720f9cca1b22&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~-3433267819303656174~~5C30RspQelsBou5UV8uQi78BIqEj8xnoGHhjK9J3SsnnoZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnRtKrA8isyMZsNwaZpAmx6QQqwSW9yRvBsUfjT8xNgTFqkTBQh0w1We2ixCA3f-zBTS8Maux2jWC1gRU3nx5A7nRJBzuLkRVqsAjZ09nyU1DoYD60qVYzKB_9uZqcHlwH&pt=home&li=rbox-h2v&sig=0b5d9b4dbe60906bc6041f8ada56f4dc44fcb33e134f&redir=https%3A%2F%2Fdas-immo-portal.de%2Frente-plus-immobilien-teilverkauf%2F%3Fs2%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDt7Fooq46St4L2ro8c%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDt7Fooq46St4L2ro8c%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDt7Fooq46St4L2ro8c&vi=1693427228020&p=coopergrowthsweepstakes-teilverkauf1-sc&r=86&tvi2=12316&lti=deflated&ppb=CJcF&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDA0NzE4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwjrSBCcYBgCZGMIqjUQiE0YMmRjCNcWENUfGCNkYwjUFBDyHBgHZGMIlhQQmhwYGGRjCNIDEOAGGAhkYwj1__________8BEPX__________wEYC2RjCKQnEIo1GC9kYwj0FBCeHRgfZHgBgAECiAGkx5L4AZABHJgBgsGDwaQx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://service.search.de.pricecomparison.it/pc-hund
Title: Hundebedarf

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=b9418b18a86e9ad46948720f9cca1b22&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=photo&ii=~~V1~~-3029323087876598127~~sVFhlAxpO4ueqM-lX2wGoljMzaHIZpAIK6U_g_X5h2d9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kPTqHQWACbGLGXeLPIXZL-KvL86vvx-CEq2GuLRmKe2PAvcPbaZCteIfcEM6ab0GSiiB1gExUMN7QaQwXt-EbpCRnEBm_G-Kcn30661BeU4IUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=home&li=rbox-h2v&sig=de411b6dff83123b8afd61d4a44d4dacf1236c364e97&redir=https%3A%2F%2Fservice.search.de.pricecomparison.it%2Fpc-hund%3Ftr%3Djnvdy%26utm_campaign%3Dultrasurf-ultrasurf%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDzp1oozYCgh8qSqbx-%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDzp1oozYCgh8qSqbx-&vi=1693427228020&p=bamoaweb-adsense-sc&r=86&tvi2=12316&lti=deflated&ppb=CJcF&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDA0NzE4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwjrSBCcYBgCZGMIqjUQiE0YMmRjCNcWENUfGCNkYwjUFBDyHBgHZGMIlhQQmhwYGGRjCNIDEOAGGAhkYwj1__________8BEPX__________wEYC2RjCKQnEIo1GC9kYwj0FBCeHRgfZHgBgAECiAGkx5L4AZABHJgBgsGDwaQx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.tippsundtricks.co/hausundgarten/unkraut-entfernen-mit-diesem-trick-dauert-es-nicht-mehr-lange-super-praktisch/
Title: Tipps Und Tricks

Search URL Search Domain Scan URL

URL: https://www.sonnenwelt.de/4500-euro-sonderfoerderung/
Title: Sonnenwelt GmbH

Search URL Search Domain Scan URL

URL: https://navy.quest/
Title: NAVY.QUEST

Search URL Search Domain Scan URL

URL: https://pakmeit.com/
Title: PAKMEIT

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel2/solaranlagen-viele-hausbesitzer-machen-diesen-fehler
Title: Enpal - Solarmarktführer

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Thumbnails%20|%20Card%2013:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.sixx.de/serien/paula-kommt-am-telefon/videos/prostata-massage-so-geht-es
Title: Sixx

Search URL Search Domain Scan URL

URL: https://rfvtgb.dailysportx.com/worldwide/captiv-ta-ge
Title: Daily Sport X

Search URL Search Domain Scan URL

URL: https://intouch.wunderweib.de/gilmore-girls-so-sehen-die-stars-der-serie-heute-aus-114149.html
Title: InTouch

Search URL Search Domain Scan URL

URL: https://playstream.media/
Title: Ads by

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbnails-1x3:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://cdn.remedy-101.com/detab/
Title: Slimming Gummies

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=433537997b32c1e00efd8c318c9b509e&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~5304339663074878568~~cZaZ7und4B1yJaiJn0wLm5tHzzfTBi1iAbwyM7Y4PMoe79Ni-eBnd8iQ4KmvvX-QJ_U_WPEdwTm13-AZb0Ha4sL7S_CoXjmthfV1CeU73_0PWJWMMaT3mM_razW6cpuF73m1_fecBTP5OJiI9sVcGij13P8Ba63us5249mHMmGNQIiFyKAMoup9dqEAtgoLqfe3jmgHZXC04GgECm-uojQ&pt=home&li=rbox-h2m&sig=4a158695b39b4624828842d2e227221467deb4f8d7ec&redir=https%3A%2F%2Fcdn.remedy-101.com%2Fdetab%2F%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_content%3DNachtfettverbrenner%253A%2BMit%2B2%2BGummis%2Bverbrennt%2BIhr%2BFett%2Bdie%2Bganze%2BNacht%2B%2528Machen%2BSie%2Bdas%2Bjeden%2BAbend%2529%26utm_campaign%3DDE%2B-%2BGummies%26utm_term%3DNachtfettverbrenner%253A%2BMit%2B2%2BGummis%2Bverbrennt%2BIhr%2BFett%2Bdie%2Bganze%2BNacht%2B%2528Machen%2BSie%2Bdas%2Bjeden%2BAbend%2529%26ad_id%3D3726901935%26campaignId%3D27178188%26publisherId%3D1110515%26source_id%3D1110515%26domain%3Dultrasurf-ultrasurf%26deviceType%3DDesktop%26creative%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252FIMAGE_UPSCALER%252FEIU%252F8b60358e-bcb3-464c-af3e-b6e3d7eae7ca__GTwbylaN.jpg%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDkpFQolZDgo5nOzrQu%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDkpFQolZDgo5nOzrQu%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iDkpFQolZDgo5nOzrQu&vi=1693427228020&p=taboolaaccount-shopthefashionrunonline&r=22&tvi2=12316&lti=deflated&ppb=CI4G&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://xcraft.net/registration/
Title: XCraft

Search URL Search Domain Scan URL

URL: https://www.juskys.de/sale
Title: Juskys

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=433537997b32c1e00efd8c318c9b509e&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&it=text&ii=~~V1~~5562353180847103070~~mG95qGuRyewWHShmlcpjGd1MzPQHQk6MXReZq1iUDjZ9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kKSStH-Si2L_3-Ys53mt8fHC-0vwqF45rYX1dQnlO9_9JCCtHNYCa6xV5-ZzfYwale95tf33nAUz-TiYiPbFXBq_x1hA7LHecCbVGzp0YzJOWzV-pEzQxc5A-MICQRwgu33t45oB2VwtOBoBApvrqI0&pt=home&li=rbox-h2m&sig=8c22beacd338b9c1ada976c9696ddf163c030932cd8b&redir=https%3A%2F%2Fwww.juskys.de%2Fsale%3Fetcc_cmp%3Dalways_on_promotions_ron_desktop%26etcc_med%3Ddisplay%26etcc_par%3Dtaboola%26etcc_ctv%3Dsale_kategorie_10202342%26klar_source%3Dtaboola%26klar_cpid%3D26384426%26klar_agid%3D3717786215%26p%3D1%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iC-hl0o0KP--ei769eNAQ%23tblciGiBjZ3o6emoHr9BVBfFTjcO2G8KEivCU9AqcUqiEMDq2_iC-hl0o0KP--ei769eNAQ&vi=1693427228020&p=juskysgruppegmbh-sc&r=48&tvi2=12316&lti=deflated&ppb=CI4G&cpb=EhIyMDIzMDgyOS03LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTc4gKKLlQtAm-MJSIiKEFD5xtkDWP___________wFjCNA3EJ9PGDBkYwiqNRCITRgyZGMI60gQnGAYAmRjCNcWENUfGCNkYwjUFBDyHBgHZGMI0gMQ4AYYCGRjCJYUEJocGBhkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGkx5L4AZABHJgBnLuDwaQx&cta=true
Title: Click Here

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 29

http://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js HTTP 301
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js

Request Chain 41

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 71

http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js HTTP 301
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js

Request Chain 78

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Request Chain 88

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5751CBACFDDF4F68A0C3B1A617E29269&RedC=c.clarity.ms&MXFR=2C9BE9121B9A60D2268BFA6F1F9A6EB7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5751CBACFDDF4F68A0C3B1A617E29269&MUID=26F204B8FFCF6B4D3ECA17C5FE1D6A43

Request Chain 94

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1

Request Chain 202

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 309

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY6UJM8-K-7D0W&gdpr=1&us_privacy=1---

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDUDLXeD5FvWAsTnmmy-gto&google_cver=1

Request Chain 312

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU3NDNjYjgwNDQxMTY0ZjI0ZTAxMTFjNmEyYzFhZTMwYzA4NWNkZg&gdpr=1&us_privacy=1---

Request Chain 313

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 314

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 315

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZNlVKTTgtSy03RDBX&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEIVrcejiyg9uI692nhXEDXU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZNlVKTTgtSy03RDBX&google_push=&gdpr=1

Request Chain 319

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/LA-0fWkOCjSiXIgii0JOaw?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K4tOsKlE2oKa09FJKWnoFtGFrEuCNDX0Ba3rlQ--~A

Request Chain 342

https://googleads.g.doubleclick.net/pagead/adview?ai=CvezkHKbvZNKhO6aqpt8P0tep4AuegqbXcsS9tb6MEuHw9rLoMBABIJy-tSRgldKhgrAHoAHp_fXPA8gBCagDAcgDywSqBPABT9BYGve7DIiL2oTBEdkM7iyWfkdxwJ8bpdGJ-RwacxtUeUVoJ4Tb8vAl0OyLLo-Jh53NjHI8m-U7FIaMxYtmmdpcizccXjeT2vFqF2R97bpEDddtdAYdmP9mpo8m1bqaKx9Ged7w_Ec5CW4pEmo9HJsrK1_XrJMkEY7htHjDskumeGNtxspj8JGyTH98fLRX2O8Hpw1R7TWnDVojDZPybxeGLWVIM1vmkn-wBij4YMpQtMLv_F_u_ls8oecxBI6x6FtdaQ8pT4dF1z-pPl2akIRhD3SsJPWA47VWeROp2eNzVNhUe4FnRF_FzMRT9lG4wASa7sG2vwSIBYyq2fRLkgUECAQYAZIFBAgFGASgBi6AB4qaxJwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsc8N0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJO2h0dHBzOi8vc2VhcmNoZmF2b3JpdGVzLm5ldC9pbmRleC5waHA_cmdpZD02ODM1MzAmc3ViPWdjbGlkgAoByAsBuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04NTAyMjM3Mjk4NjU2MDA5GAA&sigh=ZnPYLSJRoBY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWpq-88toukfSCHmsytFxxjj0TRu9OBRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213618395527700703639%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215945269249446352337%22}&andc=true

Request Chain 347

https://pr-bh.ybp.yahoo.com/sync/taboola/2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4ngUa5VE2oQJOBtvaMoi_Sxpsa3Q1qzBQbScqQ--~A

Request Chain 369

https://googleads.g.doubleclick.net/pagead/adview?ai=CtXkFHKbvZLPaOqqdpt8Pxeil6AqegqbXcsS9tb6MEuHw9rLoMBABIJy-tSRgldKhgrAHoAHp_fXPA8gBCagDAcgDywSqBO4BT9BVqDUlXDW2x6_CTfLlmAtKE8j2vw3YG8TUriyeBmrUVbBPu0c7t4XFp3y0OvepLCWGbUtsMd1TEL5WdBjT1XGdYojOFOoKGICP833uKJ4Xgfps_52y16x4jvvzDiJR1nlcW6aUBhTzKXEhCMs-GWB_F99P9fUDJtanAZU5olcs5DkowS58CE2DHSe-3zGUN-iKERUD3aQ_sLE-vh0s1KfsJxZBfDucDtI7U7zf3gDT8IQzEuQ0cW-Pd5PEQYQIksp_li2Snk9vdFnZhn9EvsmCPmSZBP9dpyq157CdJvoqCElYeh3qjJhuEsGimMAEmu7Btr8EiAWMqtn0S5IFBAgEGAGSBQQIBRgEoAYugAeKmsScAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL_QCdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTtodHRwczovL3NlYXJjaGZhdm9yaXRlcy5uZXQvaW5kZXgucGhwP3JnaWQ9NjgzNTMwJnN1Yj1nY2xpZIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItODUwMjIzNzI5ODY1NjAwORgA&sigh=i1S1aotFX08&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWYamltWqHLPHFwTpmHJJxZBPPR98qsBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225550635441063966743%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227850194439071732001%22}&andc=true

Request Chain 392

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 307
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Request Chain 427

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=4a6311d0-d0ad-4dac-a636-c782121d275e

Request Chain 430

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6594705022417687362

Request Chain 433

https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID

Request Chain 442

https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 444

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO.mK1sF5SF92-5OONFJZQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMF4OhRt2Yy1RvBOmwchbkQ&google_cver=1&google_hm=2

Request Chain 445

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJysxdlytLRb01VGyi2Qdx4&google_cver=1

Request Chain 446

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 448

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0832f0fd-eae1-7c12-5b14234f

Request Chain 450

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=C1FURlxTAEIQVlcSCFQcFApUA0YQVQkTCAPbShKA

Request Chain 451

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

452 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ultrasurfing.com/ 11 KB
4 KB 329ms
301ms Document
text/html 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f904c9c849bcc1d3d3a5996b8c947abf921a2877179c008d5afd1ba3b32a3b10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7fefc5c5af81901f-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 20:27:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79v1v6Xm%2BRgO7rr%2B03iYwA1iIgfnvmbn%2Bxyhv1QpjSDnF%2BEK4zE9Q7pUL1jzfiwgq5OD%2FsEG87Dge2QSK9RA8r6D%2FWeg6b%2B%2BUfxfhDAG2YiKRQ%2FR7Em7s4j3%2F5w7Hy3AdSjKHOkuSeyPtf4OTH2Y"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK reset.css
ultrasurfing.com/css/ 773 B
1 KB 17ms
17ms Stylesheet
text/css 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/css/reset.css
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5633
Cf-Polished: origSize=1050
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: W/"5f9a61f5-41a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cll3Muf%2FaHI34QvcT4R6%2BsBQAzDjgEwMpSi9bcPe3lYR0w%2BMpFlsQO2T6Nw5nP3Uo%2B81gp6ADVeJjqgYLoJigfZJ9M6zO7x2AW2rPdxGl8rvAShQCeveJjleChE82%2Bf4Kmtf9zjPyh4u9VecOqcl"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
CF-RAY: 7fefc5c799a3901f-FRA

GET
H/1.1 200
OK style6.css
ultrasurfing.com/css/ 11 KB
4 KB 27ms
20ms Stylesheet
text/css 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/css/style6.css
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3039
Cf-Polished: origSize=19201
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Sat, 08 Apr 2023 04:22:52 GMT
Server: cloudflare
ETag: W/"6430ec1c-4b01"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSf1AjHxfA%2FqhHNKLUG%2BMj6T9%2Flw87YTL8jDVCPPXX0kCcjPBrKsexOCTQe7iQ%2F1mQzcgZ1UHK8rDHWo4Z4tW%2FsfzSw4dZ2qb0Wys%2BF0b7026duxTzCV3kaH1d6fhtufXc8fgulueEqWgNpAcKx%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
CF-RAY: 7fefc5c7ad2c198f-FRA

GET
H/1.1 200
OK 3d5d55b1_photo0_610.jpg
ultrasurfing.com/images/ 51 KB
52 KB 13ms
13ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/3d5d55b1_photo0_610.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d210680b84e1c45fcbf0910f0402d8e36764b65a08da5e6529ded4473abfeb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 20262
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 52559
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 14:48:07 GMT
Server: cloudflare
ETag: "64ef56a7-cd4f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nIuVk2fmJsnB9SSHoDGU97oZpdbJ9QD7TVsrEb4Lx7wivaiuSZ39SONnaPWSGKiLkLSZdjRCkhQOKsiYQktBhn9HgAcigIl3c0ygvcGIN81p%2F4Biz9aCMIMITnNZ8kbstvMxLksTJL%2BpsO7jymV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7b9d0901f-FRA
Expires: Thu, 29 Aug 2024 14:49:28 GMT

GET
H/1.1 200
OK cc4c178a_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 19ms
18ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/cc4c178a_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c189285a3ad1c081921179be99780df43335415a1abec35f2623a4f996b54169

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 804
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7053
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 20:12:07 GMT
Server: cloudflare
ETag: "64efa297-1b8d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aWd0SfqXNgFjbwsZaDNUXEDRpBmXpyOMBWEnlMLQPg34B6iqtH4SJ33hr6eI8WPDSKee6B1uYebsemFWPXk%2F2nEYlgSEY0bBziqCPsy6ehbjJd7%2B8o6lYpMPW5VeIw%2BUM7cmJ%2B7ZXhbXtduuvDI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7cd69198f-FRA
Expires: Thu, 29 Aug 2024 20:13:42 GMT

GET
H/1.1 200
OK af489ba2_photo0_190.jpg
ultrasurfing.com/images/ 8 KB
9 KB 33ms
32ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/af489ba2_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd150c168c4a6f1da7c6c95e0c7f7a191351886c2fbee7233032b41a9cf11625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 46598
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 8146
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 07:30:08 GMT
Server: cloudflare
ETag: "64eef000-1fd2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHopreRIILxPE3%2BkvibiWWyZgvgEDSQq6WmmtvvJUCgo5J%2Fc9c1r946RCjbGlsIMWe3txcFkbtBYxjVEDF7YzpG6DoiHN3q8fzS2uVd2XW3aLrJysGkONHfaSCG6FMIVchP%2B5Eu87gdoZ8opbY5p"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7eda3198f-FRA
Expires: Thu, 29 Aug 2024 07:30:31 GMT

GET
H/1.1 200
OK fc4e736d_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/fc4e736d_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f749e6203f8632c75244e00dd1b705552026eedfe746e06c580e2c791482a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 13282
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 5642
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 16:45:02 GMT
Server: cloudflare
ETag: "64ef720e-160a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31FfmY%2F9l9vgmHyTNXR1pKn3rzs624Sr8nqoH0Q1Ae7CbJM66SbJmrZDIk2rZ21Jcvcoj6F3lzWjchOP4HY9W%2BixSRyMEdXKyxZylPCEm%2F6%2Fm32tlBoG8Lab3SmdLBC%2FuIT9maEaUEIkzCdHtxPk"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7ea13901f-FRA
Expires: Thu, 29 Aug 2024 16:45:48 GMT

GET
H/1.1 200
OK ab36f4de_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 33ms
26ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/ab36f4de_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5549c9c67a7cad381c4ffada85380ac8835fe744da9018a6eb8517acc826b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 8516
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7462
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 18:03:02 GMT
Server: cloudflare
ETag: "64ef8456-1d26"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu3kopJrGaivr%2Fo4bKaZO76g7FKTCp8YbzeJFTy0gKb4P%2FolJPnEZcsB2kDkFe1RWJ2MinTFu6HiQVW0uRAKD0K6drXU1baxsahkxhZgFHy3XZPvCajzWpMRj510bPIb1YlSCrtlhui7FdHVspFJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7fcc19be9-FRA
Expires: Thu, 29 Aug 2024 18:05:14 GMT

GET
H/1.1 200
OK 8014ee85_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
7 KB 26ms
18ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/8014ee85_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beec77cabd1f6d0a6d92ec4c08932be28c5a9503a8bc27ce101870cc7f75d806

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14368
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 6252
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 16:27:03 GMT
Server: cloudflare
ETag: "64ef6dd7-186c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59e3hwdhpqlTEOfwTE3bxmxJZOyIIKkAnZSwxkbPoMbM9aKez2gXSBIC2xs1ilIU7uTptUwotBjH0aYi8F3br%2B9c76SJ13PhPgQnCnoulYf8iMcN3vjhUVRZuL2spwwnT5RuApXJH5ldGwOq3C3v"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7fa5c2ba6-FRA
Expires: Thu, 29 Aug 2024 16:27:42 GMT

GET
H/1.1 200
OK 2ddf4f01_photo0_190.jpg
ultrasurfing.com/images/ 5 KB
6 KB 313ms
305ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/2ddf4f01_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f396665f3785d81c663f06089447a2f0e13c296f58407b2ede914c198b967

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 5077
Last-Modified: Wed, 30 Aug 2023 20:24:05 GMT
Server: cloudflare
ETag: "64efa565-13d5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGJvuK16v0Bww5z4%2BO9e4zMi9eNiNCTRSCNQpsyf7ZOnKODihIKZ%2B2qFQbXNYK60qBSWox%2FcZXOqdPg5vLSMWEa00VY7vHYng2m6IfWO2qIh51PAKRo9NZizbS8MXSoqV3MrcvAZwcDkivLiTUzP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7fcce8fd0-FRA
Expires: Thu, 29 Aug 2024 20:27:07 GMT

GET
H/1.1 200
OK 1ff5a142_photo0_190.jpg
ultrasurfing.com/images/ 10 KB
11 KB 304ms
297ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/1ff5a142_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed058cc6fce0e40508da4ed7df4c70ee5e0e8e774137fd4c1f69b2fc4d5b9c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 10089
Last-Modified: Wed, 30 Aug 2023 20:24:05 GMT
Server: cloudflare
ETag: "64efa565-2769"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdPHNKkcjDX4fOsIOa39jH6JkuhP8dQuYxZuwU20FmJJWrK4ksV6ZX8rk7attJBukdFZUWqb9m4FC937F4rnZJ%2FWFSWOB9iLNP2HQowOKL1YuyM09kwn7cKHaaASV%2FwZ6s1CjCgk9HD8llDyBpF8"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7f8af3627-FRA
Expires: Thu, 29 Aug 2024 20:27:07 GMT

GET
H/1.1 200
OK 67b9e358_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 37ms
15ms Image
image/jpeg 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/67b9e358_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 517f843f60ee886ad8a08a47e203a77b27ca99a683cdd3306ed61de307badd6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 804
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7341
Cf-Bgj: h2pri
Last-Modified: Wed, 30 Aug 2023 20:12:06 GMT
Server: cloudflare
ETag: "64efa296-1cad"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x10s6e%2BhRZXaCFhwh%2Bqlvd5kyK3DLLPH1vNqPyWG%2FTfxaUfnQQ4phFa%2Fcmqu%2Fazpl%2F1goKDAVhsk8Aq8gjacf6ZJtBvvWeJPB51It1gW7KuAXQ%2BJcVsIqqoNqxO%2BYWPXYO4YvD22EUfRSvShtoSt"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c81de4198f-FRA
Expires: Thu, 29 Aug 2024 20:13:42 GMT

GET
H/1.1 200
OK rocket-loader.min.js Show response
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 9ms
9ms Script
application/javascript 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

HTTP/1.1

Server

2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Aug 2023 13:09:20 GMT
Server: cloudflare
ETag: W/"64e60500-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5cGnoVktOd859POJVQGWqTbM53ahgZ5IngTSYMIXjxJ%2FLh7DkExGVX51uByKGoTH8JUAdMAZOyHpWpHJg9AU%2F2yZUNuA7xjJYPesZg3uXC1ZK%2BYY3nhdwshMaT%2Fbs1CnxcNqjtYcN9Vz28B%2BaaP"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 7fefc5c81d099be9-FRA
Expires: Fri, 01 Sep 2023 20:27:06 GMT

GET
H/1.1 200
OK adpushup.js Show response
cdn.adpushup.com/45157/ 501 KB
173 KB 111ms
37ms Script
application/javascript 2a02:26f0:780::210:ca41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adpushup.com/45157/adpushup.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2a02:26f0:780::210:ca41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d4115c2027ebdab3d17a168a56b4d61931023a624abaca938ba90d5c1f31cbfb

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
Content-Encoding: gzip
x-akamai-device: mobile:false&tablet:false
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=26, origin; dur=0, ak_p; desc="1693427226939_34654781_271872698_2588_1873_6_0_-";dur=1
Content-Length: 176487
x-akamai-country: DE
X-AP-Device: DESKTOP
Last-Modified: Tue, 29 Aug 2023 00:57:54 GMT
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-AP-Geo: DE
Expires: Wed, 30 Aug 2023 21:27:06 GMT

GET
H/1.1 200
OK bg_header.png
ultrasurfing.com/img/ 230 B
1021 B 20ms
16ms Image
image/png 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/bg_header.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1818387
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 230
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vT6uXNJcfOttdZ7MrDI0fL5O1YeyeKv2D1btZxVHF7IlDU1jVWp%2FgLLkSrtrEUC%2F%2FEoNNHlpzU41pqQ97fKoGuiBStnHbkxuEfvrJqG567r0ump32LtovfYPx7nEddYtPsEYrcnKZoTAtSkG1Zl%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c7fa28901f-FRA
Expires: Thu, 08 Aug 2024 19:20:43 GMT

GET
H/1.1 200
OK logo-new.png
ultrasurfing.com/img/ 7 KB
8 KB 36ms
20ms Image
image/png 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/logo-new.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1433179
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7316
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-1c94"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5QqucB1cfLFjiz8JMuUpe%2FpaYP1VvPOLAKYBCrl0aYdYIXAe0HKk%2FrnCXNbCNv6de8VK8ZiRS2hUI26i5sV47GSt%2BrxVJmJXRyCVH0m52%2BVCPgjxmPsVB%2FtNBe6ojjXuc6oyHvtxZgEOl5uC3yf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c81ab72ba6-FRA
Expires: Tue, 13 Aug 2024 06:20:55 GMT

GET
H/1.1 200
OK bg_nav.png
ultrasurfing.com/img/ 175 B
972 B 37ms
17ms Image
image/png 2606:4700:e0::ac40:6612
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/bg_nav.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6612 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2886452
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 175
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-af"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=illXb4rba%2Bi%2B54n1pRzLdKCJdk0s9Z%2BsGXPqNVhTFXzvrKLsMBsgxHmHJn9za7ORN3jOqKqur%2F4P7hwF28kmUlwly%2B4nGr6fV3u%2FaDaXCl8%2FI2Fh6IPGyGPDtYptFQafwMwgZnmK9XLmupEn16P3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 7fefc5c81a41901f-FRA
Expires: Sat, 27 Jul 2024 10:39:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 114ms
61ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8502237298656009

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82c81e09b6f0d6b908acc5ddb9157178675515a231746e5cd918772aae34c881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51029
x-xss-protection: 0
server: cafe
etag: 10752099086943663020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:06 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 30 KB
8 KB 500ms
361ms Script
text/javascript 2a02:26f0:3000::170a:f969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=644662fd5e555cc28b0f44a5&AV_PUBLISHERID=6446608883ac0940fc0b13ca
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3000::170a:f969 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: af768919546c8a98d8fb6feb35c23509cb9b0888b917d22c7a3875a5b20d47e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Wed, 30 Aug 2023 20:27:07 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7465
Expires: Wed, 30 Aug 2023 20:32:07 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 95ms
43ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

53d2024ea85892bc55360668102bae5e75721a529e81534124a3feceedff6047

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-KLeuO2foOHsDBcVGdhhWAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KLeuO2foOHsDBcVGdhhWAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Wed, 30 Aug 2023 20:27:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2487
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Wed, 30 Aug 2023 20:27:06 GMT

GET
H2 200 aaw.ultrasurfing.js Show response
increaserev.com/ads/ob/tage/ 537 KB
163 KB 68ms
31ms Script
application/javascript 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cff6d9f940688d8d51b43afdc695b22b4e802561dd01518d7592964695aa545

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4095
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 30 Aug 2023 19:07:14 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7otACdHuBx18gsl2lBF%2FWLAGHxq2unkGGX98PnfA6sVpUcYwFoi3lF3nrgcveHzkBz5x7k7sbTX3kTklA3aO2Q%2B0z1bFYuv4sdMH1iki4fA1fMI7nfnvJIBxezcOyjqJGNTykNWJn8N8dMIvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7fefc5c86e552bd5-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
82 KB 89ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

771e3714923ae27dfa0581072f76fa16591231b5197a221f3821a1b750d088c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 20:27:06 GMT

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 16ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: http://cdn.adpushup.com/45157/adpushup.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-15d9d"
Vary: Accept-Encoding
X-HW: 1693427227.dop202.fr8.t,1693427227.cds144.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30875

GET
H2 200 pb.45157.1691569386551.js Show response
cdn.adpushup.com/prebid/ 365 KB
108 KB 95ms
69ms Script
application/javascript 2a02:26f0:780::210:ca41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.45157.1691569386551.js
Requested by: Host: cdn.adpushup.com
URL: http://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:ca41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 927bed48bae33fffc84731fe9e8bfcf7a0bf3f4e414a9bb961e88b1f76008c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-country: DE
date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 08:23:23 GMT
server: nginx/1.18.0
etag: W/"64d34cfb-5b4fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=58, origin; dur=0, ak_p; desc="1693427227060_34654781_271873203_5941_2077_7_0_146";dur=1
content-length: 110648
expires: Thu, 29 Aug 2024 20:27:07 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
560 B 20ms
11ms Script
application/javascript 2a02:26f0:780::210:ca41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: http://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:ca41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-country: DE
date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693427227077_34654781_271873205_18_1805_7_17_146";dur=1
content-length: 211
expires: Thu, 29 Aug 2024 20:27:07 GMT

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

102 KB
29 KB

107ms
71ms

Script
text/javascript

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424567d8566edafd66d521705cd70cce6eceb8a18a8da035e6ec4d74dd4583c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29567
x-xss-protection: 0
server: cafe
etag: 737 / 19599 / m202308240101 / config-hash: 3287751012361123362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:07 GMT

Redirect headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Wed, 30 Aug 2023 20:27:07 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
312 B 107ms
15ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM0MjcyMjcwNjQsInBhY2tldElkIjoiMDAwMEIwNjUtMjYwODVmNTItOGE4Ni00M2NjLTlhMDktYjVhYmUyMzQ1NmM1Iiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkRFIn0%3D&c_b=588.6000022888184
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H/1.1 200
OK sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
441 B 71ms
17ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:07 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 70
Expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
9 KB 117ms
52ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: http://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bee838dec619ff999d7a4f45b7dfd81cdf9353fcb25d0798eb722ec21bb19405

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xZMMKoWDhhRngwf7aHt1aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xZMMKoWDhhRngwf7aHt1aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 22 KB
9 KB 48ms
9ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: HTTP/1.1
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Content-Encoding: gzip
Etag: "sLp6xTjO7svFVaOemhLWUQ=="
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 06 Sep 2023 20:27:07 GMT

GET
H2

200

rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js

160 B
634 B

28ms
8ms

Script
application/javascript

2600:9000:223c:1c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Server: 2600:9000:223c:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:17:17 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: tVRTYABuOvQD0dSYQdgF8sPyqh53_XcEO44T2h9wjCjPHQa-sCbkEg==

Redirect headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: pTGX8_KW_YLILd8q38z5aX70wAqP7g6PPLGJ4sSsvoyfWcv2P-z7ew==

GET
H2 200 pixel;r=1738838815;rf=0;a=p-54Nt-1NAaEEe0;url=http%3A%2F%2Fultrasurfing.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1720539201-1693427227141;pbc=;...
pixel.quantserve.com/ 35 B
372 B 37ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1738838815;rf=0;a=p-54Nt-1NAaEEe0;url=http%3A%2F%2Fultrasurfing.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1720539201-1693427227141;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=1;et=1693427227224;tzo=-120;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F3d5d55b1_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=956104cd-3378-46f3-b289-9ade9f61cca2;mdl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 404 KB
127 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 18:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7198
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 29 Aug 2024 18:27:09 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 334 KB
49 KB 31ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6c3bd8a7d3f322d920f9c7a2b90145096582526846890a1d0796cce530fa1af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: YPfpsCQuI90kOG1fT7JpKgORKPeYUGqK
Content-Encoding: gzip
Via: 1.1 varnish
Date: Wed, 30 Aug 2023 20:27:07 GMT
x-amz-request-id: XZ39PKX98B842V5D
Age: 61
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 49800
x-amz-id-2: EFHm9RPtuM9R3GtyRB0O5P23eAJNcEtutlV8U7yEJBddvN4yX0SyY/1IQa05IWO1yLtKYNhnoWY=
X-Served-By: cache-fra-eddf8230055-FRA
Last-Modified: Wed, 30 Aug 2023 09:22:10 GMT
Server: AmazonS3
X-TBL-DEBUG: bestatus=200,beresp=OK
X-Timer: S1693427227.393037,VS0,VE2
ETag: "031089422ef4bc35315e91cf1bcb4a91"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
abp: 66
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
71 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c889b76feefacf087bb4cf0edf4469f3e790e7a1d831a66104896e283a2c7da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73043
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 19:19:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 20:27:07 GMT

POST
H/1.1 200
OK / Show response
cat2.hbwrapper.com/ 15 B
260 B 288ms
89ms XHR
text/html 68.183.18.251
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat2.hbwrapper.com/
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.18.251 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture2.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Wed, 30 Aug 2023 20:27:07 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 319 B
455 B 41ms
12ms XHR
text/plain 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bd7e9b5b5d775399dd26950d1113c12c5562b72eb74ee1cfc45644075e8b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7fefc5cb694c6916-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
29 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f6c88fb82562815e260ea6540818a842016976a36f6512a7982f69647528e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29569
x-xss-protection: 0
server: cafe
etag: 143 / 19599 / 31077463 / config-hash: 3287751012361123362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 248 KB
61 KB 56ms
8ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:41:45 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2723
etag: W/"bfd42dc650471371e7b049251fcaca58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 7KuiYDNhSbtiU827KUUcgIv-Yg96JpDQ-Gc-AzRQtbDH03yog2Ekjg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 57ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je38s0&_p=1310672055&_gaz=1&cid=1504099132.1693427227&ul=en-us&sr=1600x1200&_s=1&sid=1693427227&sct=1&seg=0&dl=http%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=1504099132.1693427227&gtm=45je38s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
72 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

811711eeb656a073ef95b8c2b5e691e639e5158017f353a8f7ad5f510ee4d4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74136
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 19:19:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 20:27:07 GMT

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

248 KB
61 KB

8ms
8ms

Script
application/javascript

13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:41:45 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2723
etag: W/"bfd42dc650471371e7b049251fcaca58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: y7-rQjMJV8wwwk9rxHtbi_laB7wsTy3Me7rF1dow8Zj9hZH29NGQ8g==

Redirect headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: NBIW6Wn2do7Fr34edCFjCpR4cnsxhm8RdjYjlwE8DXdIN1yAjcmQVg==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 46ms
18ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15978
x-jsd-version: 1.0.1798
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"639-rr6+Inso7vLfgcaPzGHI9pMLd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPG%2B4H%2BTqa04K6L56AMjsNest1MN8vuop6uXY%2B5FDYHgH%2Bun5y41k2VKBRU5zq1ZCseXL3DzuOgxRhoqgvBgGNZLjYDTJAQ95bKBgExlJAazohS8pN7VKx3lsgd72V9L%2FLsQnzHgXv3C9KGOVVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7fefc5cbcd509177-FRA

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 75ms
37ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=1504099132.1693427227&gtm=45je38s0&aip=1&z=1726594018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 310 KB
103 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 03:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105519
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 26 Aug 2024 03:38:59 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 51ms
15ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 01:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 26 Aug 2024 01:03:11 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 53ms
17ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 30 Aug 2023 21:13:58 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 387 KB
131 KB 158ms
106ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8502237298656009&plah=ultrasurfing.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8502237298656009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f2a41dc7e8b2b9d29f7729c006df16fad3289995bfae38d21bace6a9579ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134170
x-xss-protection: 0
server: cafe
etag: 13561999159706070143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230829/r20190131/ Frame 69F4 10 KB
5 KB 52ms
13ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8502237298656009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 18:35:48 GMT
etag: 9878862242593084568
expires: Wed, 13 Sep 2023 18:35:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hc23cgzvky Show response
www.clarity.ms/tag/ 649 B
1012 B 178ms
104ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hc23cgzvky
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90b8bc34034fb3394a913ac3bfc9ecda19163ab8b561e7e6d325f3536247134b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: -1
date: Wed, 30 Aug 2023 20:27:07 GMT
x-azure-ref: 20230830T202707Z-ytyz4x4sn55v38gug6cks0h2ds00000000u000000001t29s
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 649
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 808 KB
209 KB 61ms
11ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=644662fd5e555cc28b0f44a5&AV_PUBLISHERID=6446608883ac0940fc0b13ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 24095533dbae557b1bd3382e30fc3757cca99461f6e750d91b53e97dd71acd70

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Aug 2023 07:39:44 GMT
etag: "1692776384"
x-hw: 1693427227.dop264.fr8.t,1693427227.cds128.fr8.hn,1693427227.cds108.fr8.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 213742

GET
H2 200 track
track1.aniview.com/ 0
98 B 335ms
95ms Image
text/plain 23.22.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=6446608883ac0940fc0b13ca&cid=6446621c2b382b7b120d03d3&cb=1693427227565&r=ultrasurfing.com&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&d35=&d65=&d66=8&d74=&e=playerLoaded&str=viewable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-92-111.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 impl.20230829-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 803 KB
167 KB 26ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: ZGlhiiQqqqnagE6bshkNEUfpjhfaa1ba
content-encoding: br
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:07 GMT
x-amz-request-id: 9YG304DKSP74XNZ2
age: 9344
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169980
x-amz-id-2: AFw9rhrpPFfjIWlCsTpQYfQ4JmOOgfpX0PijO55PmxMX81A005BVF26wHFMT5OZngLMFT0Y/buo=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Tue, 29 Aug 2023 09:51:12 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427228.620212,VS0,VE0
etag: "187ed73a057d935141b5b3438fd55c4f"
vary: Accept-Encoding
content-type: application/javascript
abp: 98
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 26

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 144 KB
53 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89424ef5012aa28287695f3d89b6acdb4c65c9319bb96121e827b2e56daa2312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "6075305853131827803"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Wed, 30 Aug 2023 20:27:07 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:25:37 GMT
x-content-type-options: nosniff
age: 450090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 24 Aug 2024 15:25:37 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 22:20:09 GMT
x-content-type-options: nosniff
age: 425218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 24 Aug 2024 22:20:09 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 82ms
24ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Protocol: HTTP/1.1
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

POST
H2 204 prebid Show response
ib.adnxs.com/openrtb2/ 0
439 B 51ms
28ms XHR
text/plain 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/openrtb2/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
an-x-request-uuid: fa6627e1-7f3d-43f3-808b-8cba497a43e7
server: nginx/1.21.3
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
402 B 533ms
174ms XHR
application/json 209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.7.0
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: e0e63cfb1be23789d80e4c4cf60ddeb95685b0517e8e563ff04b0eead5bd6545

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Aug 2023 20:27:08 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://ultrasurfing.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 58ms
13ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 30 Aug 2023 20:27:07 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
552 B 67ms
29ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=930331
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6bf70385dbfb38591fb8fa9d3ac00743f4dbc7c94671cd96d4e32cdebec601

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M%2FM0MHOyKj%2FHlIrguF9i0T2bA3epchOOWzLAFAu%2F7KwB2%2FL5pDj0H6%2F01Mv9zAc46t%2Fy2tnMD9gIN75qNFX1KXvrz%2FpFeMeiaFonsLTa96RP9rXXS7%2FztqunTF5hAXb0mKvw9wK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7fefc5cd9e1fbbdf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
366 B 51ms
14ms XHR
application/json 3.64.142.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.142.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-142-32.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f22f5d3f0e493e7b7fef483ac8e6ca3e684b550d9edc1759d0ee0c823193a56a

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 249 B
814 B 24ms
13ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d9c511e7db751c8df192ac6b86874dda928b8bd2d05dbca5c2a6ffc429aca7a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
an-x-request-uuid: b484eaba-64bf-457b-b6d9-e73b8e2c6807
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 249
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 186ms
35ms XHR
text/plain 18.200.206.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=8.7.0&p=%5B%7B%22placement_id%22%3A%22deeda97f-4642-48e8-b8ea-f374fed94e8c%22%2C%22callback_id%22%3A%22389e31e22a72813%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22placement_id%22%3A%22386ceb00-e5cc-460c-a9f6-1837fa3c8149%22%2C%22callback_id%22%3A%2239c2c5486e99e81%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&bust=1693427227743&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=d994362d-6518-4af5-b39e-ec48a4abebae&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-1720539201-1693427227141%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d994362d-6518-4af5-b39e-ec48a4abebae%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.206.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-206-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
258 B 72ms
19ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e36ee281df71dbfa63b0b3e6ff1c3490b579725665cf7fa31bc9a1b97bb98e11

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
335 B 516ms
127ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Wed, 30 Aug 2023 20:27:08 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 31
Content-Type: application/json; charset=utf-8

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 248 B
812 B 20ms
16ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c3ea1b6cc32fcbef280138e6a3ca1cdcb85f8ff2e3cf8155cb996bb6b7587d7b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
an-x-request-uuid: 040508b0-1719-4fd7-8639-abc28d86bca3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 248
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 210ms
138ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_quantcast.com=P0-1720539201-1693427227141%5E1&eid_pubcid.org=d994362d-6518-4af5-b39e-ec48a4abebae%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v8.7.0&l_pb_bid_id=49120e60c72e57d&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.0012133142549075604
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4bd0a81018f1b3e605c1cffc215ae9ded64845860d99e4c034f81c8e45bdaf30

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 243ms
171ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_quantcast.com=P0-1720539201-1693427227141%5E1&eid_pubcid.org=d994362d-6518-4af5-b39e-ec48a4abebae%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v8.7.0&l_pb_bid_id=50e11fbc118e28a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.7350442532860144
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 67f56cd18729bc8197080c7bf7b3a8c9776084b94fcb71ef06bb2dd61980fe9c

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
430 B 149ms
38ms XHR
application/json 63.32.5.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.32.5.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-5-54.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 531aec0ab20ed5fd32b06dfa565c7edfc1f406a5e6cc38ffe3499fbde4339186

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: http://ultrasurfing.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
163 B 62ms
17ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

GET
H2

200

rules-p-WFJsXCa9VD158.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js

160 B
632 B

9ms
8ms

Script
application/javascript

2600:9000:223c:1c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Protocol: H2
Server: 2600:9000:223c:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:53:04 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2045
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Tue, 11 Apr 2023 19:39:28 GMT
server: AmazonS3
etag: "8451e96214684fb5c6ec4f91dde0548e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: c7UKIe4ae5SBPPDtTeGiHu6taeA0d0__-sndRBOrktY_k4Twj-LHGw==

Redirect headers

Date: Wed, 30 Aug 2023 20:27:07 GMT
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 0yqyK2j5q8bUJCZtcu9hYwKMG_mkZ7SE4bfuT6xdeVaSV7RLj98voA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 32ms
8ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Sep 2023 20:27:07 GMT

GET
H2 200 loader.js Show response
static.anonymised.io/light/ 447 B
855 B 82ms
14ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 972a75985f4638e8b61493a94d3b6fde1650bc824af40ded0b21c3bf66354b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:25:53 GMT
content-encoding: gzip
age: 74
x-guploader-uploadid: ADPycdvAOPfAMGgacLqzm90IOVegQVFWKYrG3uPK67u3nKc-Cd3XEwfRA9NnNQvPUuAc7vO-48ez9KEbrqHpl9LwACGJpA
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
last-modified: Mon, 14 Aug 2023 15:49:14 GMT
server: UploadServer
etag: "1957f8e38f223521d683b261f8b2510a"
vary: Accept-Encoding
x-goog-generation: 1692028154512371
x-goog-hash: crc32c=nnvqQw==, md5=GVf4448iNSHWg7Jh+LJRCg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=600
x-goog-stored-content-length: 313
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 30 Aug 2023 20:35:53 GMT

GET
H2 200 pixel;r=751622630;source=gtm;rf=3;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0;uht=2;fpan=1;fpa=P0-1720539201-1693427227141;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;c...
pixel.quantserve.com/ 35 B
210 B 9ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=751622630;source=gtm;rf=3;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0;uht=2;fpan=1;fpa=P0-1720539201-1693427227141;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=1;et=1693427227835;tzo=-120;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F3d5d55b1_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=956104cd-3378-46f3-b289-9ade9f61cca2;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:07 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 109ms
109ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e267a8e0d465a58d329ff34ee49940aed28dcfe6eedc3bf6457e1e72d33371f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:07 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3861
x-amz-cf-id: vQeyv5HPnGxis0M2yH8Bcdlm1J6sIgMKe6t4COj-qyBCZW9o9qvZsA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 133ms
51ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&pid=lwrxK4fiox9DU&cb=0&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22deeda97f-4642-48e8-b8ea-f374fed94e8c%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%22386ceb00-e5cc-460c-a9f6-1837fa3c8149%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 85YHW4GFD10TMRQKYDAM
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IyefFlsVnlITsrSQ0DVdjWN7nYNv95Q88l0Rt1NhPnGevfB-sunvAg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 39ms
21ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 13:53:52 GMT
x-amz-cf-pop: FRA2-C1
age: 23596
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Bc7FVBrUgDBi4k7ptdYVlyMMrSjUtKcd6yoGrS5DRI5ASzkyHzzkpw==

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

46 B
288 B

261ms
17ms

Script
text/javascript

2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Protocol

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 229088
expires: 60

Redirect headers

location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control: no-cache
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 69 KB
20 KB 644ms
624ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=22%3A27%3A08.026&lti=deflated&data=%7B%22id%22%3A840%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693387320695%2C%22vi%22%3A1693427228020%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1465%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A105%2C%22mw%22%3A950%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1367.3125%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A388%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 074707ddccdd3ddae836df447e5cd3878e37104388431b3bc02b7f1081749aa9

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 613
date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7511
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693427228.052157,VS0,VE613
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/8.3/v/libs/ 410 KB
114 KB 11ms
11ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 8a5718af3b191853cb0e4adc070983f02d6dd3d85233cff49ddcc42a7397d1c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
last-modified: Wed, 23 Aug 2023 07:39:44 GMT
etag: "1692776384"
x-hw: 1693427228.dop264.fr8.t,1693427228.cds128.fr8.hn,1693427228.cds256.fr8.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 116576

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 34 KB
35 KB 31ms
10ms Font
application/octet-stream 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
last-modified: Wed, 23 Aug 2023 07:39:44 GMT
etag: "1692776384"
x-hw: 1693427228.dop212.fr8.t,1693427228.cds148.fr8.hn,1693427228.cds157.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 35197

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame B6DE 476 KB
128 KB 486ms
12ms Script
text/javascript 2a02:26f0:2c:2bc::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6446608883ac0940fc0b13ca
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:2c:2bc::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtljXN-10sXnDTmX2bVO2hZOC6rxRQz9hhV1rwude5K2kzNhN3i7uxNre2ojXbadAimBlNFqWkjZkptw3bm7Hvr
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 130379
last-modified: Wed, 23 Aug 2023 20:53:33 GMT
server: UploadServer
etag: "25aee45ea3338112064b801c98043832"
vary: Accept-Encoding
x-goog-generation: 1692824013316426
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 130379
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:37:08 GMT

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
2 KB 481ms
13ms Image
image/png 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 30 Aug 2023 20:27:08 GMT
cdn-edgestorageid: 864
cdn-cachedat: 02/05/2023 21:16:32
cdn-pullzone: 1027527
content-length: 1265
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: BunnyCDN-DE1-1075
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 3b95e96f9a672f735f7e0ff2e5f475c7
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
607 B 474ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ultrasurfing.com&callback=_gfp_s_&client=ca-pub-8502237298656009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8502237298656009&plah=ultrasurfing.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bdc4d6cd624c03a9741dab9d074526f31cb01f4f4708f460e4b75b2dbf2243a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0A6 128 KB
41 KB 654ms
638ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&adk=1812271804&adf=3025194257&lmt=1693420028&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693427227505&bpp=4&bdt=695&idt=847&shv=r20230829&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8514014216088&frm=20&pv=2&ga_vid=1504099132.1693427227&ga_sid=1693427228&ga_hid=1310672055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077324%2C31077372&oid=2&pvsid=1277819846769102&tmod=456507242&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=878

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32509e0b99553fc1895491487bebfa0bab83543f145156ad14ee3d3fd4a32734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41313
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 20:27:09 GMT
expires: Wed, 30 Aug 2023 20:27:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 65ms
64ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230829&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8946f10e815e5128da9f5a8cc749164d7319fac36c06195fc3251a1fcd0eed94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11718
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 32ms
32ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hc23cgzvky
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: br
last-modified: Mon, 28 Aug 2023 20:30:54 GMT
etag: W/"0x8DBA805ADEDAF89"
vary: Accept-Encoding
x-azure-ref: 20230830T202708Z-ytyz4x4sn55v38gug6cks0h2ds00000000u000000001t2e2
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 54a9623e-c01e-003b-0f18-da6b7f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5751CBACFDDF4F68A0C3B1A617E29269&RedC=c.clarity.ms&MXFR=2C9BE9121B9A60D2268BFA6F1F9A6EB7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5751CBACFDDF4F68A0C3B1A617E29269&MUID=26F204B8FFCF6B4D3ECA17C5FE1D6A43

42 B
466 B

30ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5751CBACFDDF4F68A0C3B1A617E29269&MUID=26F204B8FFCF6B4D3ECA17C5FE1D6A43
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F450A7E5808B4179B64CA85C0B065210 Ref B: FRAEDGE2019 Ref C: 2023-08-30T20:27:08Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5751CBACFDDF4F68A0C3B1A617E29269&MUID=26F204B8FFCF6B4D3ECA17C5FE1D6A43
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 435ms
18ms Script
application/javascript 23.205.176.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-176-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Wed, 30 Aug 2023 20:42:08 GMT

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 81ms
18ms Script
application/javascript 23.205.176.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-176-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 19:40:17 GMT
Server: Apache
ETag: "d734-5f2f3919e751f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17407
Expires: Wed, 30 Aug 2023 20:42:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 38 KB
12 KB 429ms
24ms Script
text/javascript 18.165.201.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.201.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-65.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 11:35:11 GMT
content-encoding: gzip
via: 1.1 aa2f611dc578ba7eecb9a39cb23b1b70.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:15 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P3
age: 31918
x-amz-server-side-encryption: AES256
etag: W/"560498a44e7d42477433425cdafd6a16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: s-VZV3APZLwqzwdUL4JzAMlBDPJavN9Tb0k-KmWjbYk8tfEEUhxELQ==

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 24 KB
8 KB 423ms
22ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:36 GMT
server: cloudflare
age: 532355
etag: W/"64cd45ac-60bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7fefc5d3f92a8fca-FRA
expires: Sat, 02 Sep 2023 20:27:08 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 424ms
20ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ref=&_it=amazon&partner_id=405
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 May 2023 16:51:11 GMT
server: cloudflare
x-amz-request-id: CYR6ZEGAGSH9EK3S
age: 4495
etag: W/"82b3b53182a6a8dbe6684806275e839a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7fefc5d40f681992-FRA
x-amz-id-2: YYdcwitRr3DHNt7NQm1+Sg902LJSB4f7qhP3lwSODEZFT62tqhOtbf8uahKDj8SpjLadVWf2scE=

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

118 KB
26 KB

44ms
20ms

Script
text/javascript

2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: 2QBKQ4QA32SP9CMW
age: 2070
etag: W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fefc5d49bb89012-FRA
x-amz-id-2: hAO4vpEQ8oqUmikiIdl6fb/V8IFLCXiSJ7HFuklOuHrKgCYv5p8B5/3DBpnMUqzB5t8cMcUUJL/IXzqIJmno6A==

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET envelope
lexicon.33across.com/v1/ 0
0

GET
H2 200 / Show response
id.a-mx.com/sync/ 66 B
541 B 398ms
31ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=http://ultrasurfing.com/&tl=http://ultrasurfing.com/&nf=0&rt=true&v=8.7.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354f063b7b17c691db2b5f70d15f8d09aea7c7728dd98ca682aeb83d85455fbb

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISuyLiZDvbu3F2QT8HQ%2BMDJnexKMPnqsD3GOPmUHK9Y%2FRB%2FXzgUEQprvgbesufFUiZjGOYMZ8xkuvUqEYc6ta0cQr6vwxWaArqGLVa33Oua4gRoi8RQYCmi72un7cvmJDolO%2FT5TKWCx0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
cf-ray: 7fefc5d41dd9995d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
373 B 18ms
17ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 209471
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 141 B
314 B 379ms
18ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 7fefc5d409c01e31-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
544 B 358ms
15ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 any Show response
idx.liadm.com/idex/prebid/ 0
312 B 452ms
93ms XHR
text/plain 3.210.209.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.210.209.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-209-86.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 505a277dc9f0e2ab
vary: Origin
request-time: 1

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
318 B 386ms
33ms XHR
application/json 18.203.189.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17228
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.189.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-189-31.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.24.243
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
338 B 392ms
37ms XHR
text/plain 2.19.85.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:08 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 30 Aug 2023 20:27:08 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
21 KB 611ms
610ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1277819846769102&correlator=1526943583644611&eid=31070232&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124&ifi=3&didk=1898641770~223986390&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1693427228481&lmt=1693420028&adxs=720%2C436&adys=1401%2C1401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&vis=1&psz=1600x1401%7C1600x1401&msz=160x0%7C728x0&fws=128%2C128&ohw=0%2C0&ga_vid=1504099132.1693427227&ga_sid=1693427228&ga_hid=1310672055&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvb6DwaQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi9voPBpDFIAFICCGQSGQoKcHViY2lkLm9yZxi8voPBpDFIAFICCGQSGQoKdWlkYXBpLmNvbRi9voPBpDFIAFICCGQSGwoMbGl2ZXJhbXAuY29tGL2-g8GkMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YvL6DwaQxSABSAghkEh0KDmxpdmVpbnRlbnQuY29tGL2-g8GkMUgAUgIIZA..&dlt=1693427226810&idt=535&ppid=d994362d65184af5b39eec48a4abebae&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Ddocmorris.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.08%26hb_adid%3D5852b9b5fc50f28%26hb_bidder%3Drubicon%26anh%3Dsticky%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmercedes-benz.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.14%26hb_adid%3D595f1592aa6c2cb%26hb_bidder%3Drubicon%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D200%26padpr%3D12%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26fabrickIdtest%3Dna%26uids%3DquantcastId%252Cpubcid%26uids_c%3D2%26waai%3D300%26waae%3D700%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&adks=2124594652%2C3607180488&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609c6799630ec0463d0cdac97b62685df6561709429a2986add330b727889e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21814
x-xss-protection: 0
google-lineitem-id: 5182336447,5182336453
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288561071,138328510972
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFF6 6 KB
3 KB 85ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 20:27:08 GMT
expires: Thu, 29 Aug 2024 20:27:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BBB 100 KB
36 KB 665ms
654ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=3549011610&pi=t.ma~as.1261171629&w=300&lmt=1693420028&format=300x250&url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&wgl=1&dt=1693427227510&bpp=1&bdt=700&idt=1001&shv=r20230829&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8514014216088&frm=20&pv=1&ga_vid=1504099132.1693427227&ga_sid=1693427228&ga_hid=1310672055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=975&ady=327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077324%2C31077372&oid=2&pvsid=1277819846769102&tmod=456507242&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6NUtT9qzf8&p=http%3A//ultrasurfing.com&dtd=1008

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

159fb301ff3b3fe5835e4cd6cbf5e2e9c8269d8a2c59419622b7dbb6beed03b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36775
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 20:27:09 GMT
expires: Wed, 30 Aug 2023 20:27:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 hourlystat Show response
tempnextstat.bcovery.com/ 1 B
83 B 24ms
21ms XHR
text/plain 34.117.132.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tempnextstat.bcovery.com/hourlystat
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.132.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8

GET
H2 200 bundle.js Show response
static.anonymised.io/light/ 110 KB
31 KB 15ms
14ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/bundle.js?v=0.2.4
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bac6f567edb41bd88ee92307a57cb5d53f535cc0337fb2a975e610af79a5fa4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:17:33 GMT
content-encoding: gzip
age: 575
x-guploader-uploadid: ADPycdv0E7X-Jedruav1Q6uPQ1akVvQjtNW6q2iZM_JKoIOj2lCOLIL3UZ0SCZowCeEhRWsZhHv60GCbzHavqzVHyQX0bw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31669
last-modified: Mon, 14 Aug 2023 15:49:10 GMT
server: UploadServer
etag: "4a71ff9295632b4fba5f48b94c089868"
vary: Accept-Encoding
x-goog-generation: 1692028150338881
x-goog-hash: crc32c=E+lgNA==, md5=SnH/kpVjK0+6X0i5TAiYaA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 31669
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 30 Aug 2023 20:37:33 GMT

GET
H2 200 floating-unit.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 8ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ed09e05dd4c0cb72ba7fe32de99209fd1d11c8ad2d64754e5a1b21592864c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: uBtO1U7Ij3jQPFCR8TwRADedsM5jYMzI
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:08 GMT
x-amz-request-id: QGSVVPW1ZXVNZHM8
age: 40106
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: PAEgriVeilWJ9h+y/dUCpsLVkDs2uWp5RJJbDk3DGq98/v6Pj9pxHC3MFWzDyV/qCMewF+TPCFM=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:18:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427229.686519,VS0,VE0
etag: "03fd3aae6d0e8ef58c715759c4a23032"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 806

GET
H/1.1 200
OK UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.6/ 125 KB
36 KB 23ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e34222b88bb8dd60c1200d0422c58749ca77f9bd11f914adfa547112b594a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:08 GMT
Via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 129830
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront, HIT
Connection: keep-alive
Content-Length: 35854
X-Served-By: cache-fra-eddf8230039-FRA
Last-Modified: Tue, 29 Aug 2023 08:23:00 GMT
Server: AmazonS3
X-Timer: S1693427229.827060,VS0,VE0
ETag: "f76b1e9d5dacd2063a335a6684ebb080"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fktGwlqIDJ747cz_RL-kyvP9QPFN00LG4agTaNzr9HZ8umFM8XnS6Q==
X-Cache-Hits: 22934

GET
H2 200 feed-card-placeholder.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 27ms
27ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e6ed2edf25d329b12e223260eec4eced66497095de78869e27d5a0e76b073a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: N_h3Ewfu9fI_A0Sa8JETZX4brpNXXtx0
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:08 GMT
x-amz-request-id: PHNJAQXJQ354PZX6
age: 40113
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: nHinG5mesc50magO9Kt24nNJzsrDsOt83j4jZNA5upC/b1fPXrfhQXUyl5mmNiOyXaFAoqNHECw=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:18:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427229.697758,VS0,VE0
etag: "64d43b969dee28c40e211efbebe76244"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8463

GET
H/1.1 200
OK f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
3 KB 7ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding: gzip
Via: 1.1 varnish
Date: Wed, 30 Aug 2023 20:27:08 GMT
x-amz-request-id: CCG7A4WVWN5WJAVZ
Age: 47
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1758
x-amz-id-2: TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
X-Served-By: cache-fra-eddf8230055-FRA
Last-Modified: Wed, 07 Feb 2018 11:15:52 GMT
Server: AmazonS3
X-TBL-DEBUG: bestatus=200,beresp=OK
X-Timer: S1693427229.712569,VS0,VE0
ETag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
abp: 4
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Cache-Hits: 62

GET
H2 200 userx.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 11ms
11ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: md1_sIy4BRX.xmE7qpIH8IXIGfbuq5qr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:08 GMT
x-amz-request-id: SHMN7P1BF5BPGNX5
age: 40084
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: FyRXWUgMbzeHna0TzqZY3LLvTaEX9z0oIFfTKluj6TS7AplBOxAZ54cAwT7s3IeciePMu+UTIYI=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:19:05 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427229.716864,VS0,VE0
etag: "465df069033ddeffaac71b302063aca4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 7
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6073

GET
H2 200 distance-from-article.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 11ms
11ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 116c470561f08bc0c384f9306f59865db7fe8c0c2efc7b2435ecbb4417130fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: nFbzo7z3YmcaBIY3Sq0U9USTbdfkHvKw
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:08 GMT
x-amz-request-id: CT8J0SE9QVYNDKFJ
age: 40117
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: M3Jf66+7Fksg9zN2wlBqrhNKncaV5zUPJl0/KKH/pX/MQPcn+l5JZtjvTlAE8sVhTIgiS9I0CgU=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:18:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427229.716854,VS0,VE0
etag: "d3c78503a4dca5b679b3131ddb4764a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12906

GET
H2 200 article-detection.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 10ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 549b0d45dfe1adef0f4412220c9e7b22ea9aff17db7545eb0534182a8f8d3ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: lrTXX06eeqd.XyufJs3i4vxYgvTfATYH
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:08 GMT
x-amz-request-id: XZGNK1YCSZYYECRY
age: 40124
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: L6pwf8tlcUlrwIeZh92PXIJV/Vf4+uYk2RtRKH444S7I63cHHM2W7N8NjMdOYf5vJRkLJYGNdYk=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:18:26 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427229.716808,VS0,VE0
etag: "7ee057ba0a60fbf7fc3879e1798df625"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 77
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 13126

POST
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 17ms
16ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=12316&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1693427228739%7D&tim=22%3A27%3A08.739&id=3358&llvl=2&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&pi=/&wi=-1709852854480885386&pt=home&vi=1693427228020&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
90 B 80ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=22%3A27%3A08.673&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=3571&cv=20230829-7-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13623

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 69ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=12316&lti=deflated&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&pi=/&wi=-1709852854480885386&pt=home&vi=1693427228020&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=22%3A27%3A08.683&id=8736&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 66ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=12316&lti=deflated&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&pi=/&wi=-1709852854480885386&pt=home&vi=1693427228020&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693427228700%7D&tim=22%3A27%3A08.700&id=9813&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
90 B 61ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=22%3A27%3A08.733&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=8128&cv=20230829-7-RELEASE&lt=deflated&idx=pc&pc=split-1&st=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12862

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 371ms
19ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 30 Aug 2023 20:27:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 206907
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 hourlystat
tempnextstat.bcovery.com/ Frame 0
0 297ms
19ms Preflight 34.117.132.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tempnextstat.bcovery.com/hourlystat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.132.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 30 KB
10 KB 498ms
498ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=22%3A27%3A08.793&route=AM:AM:V&tvi2=12316&lti=deflated&data=%7B%22id%22%3A697%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA%22%2C%22ui%22%3A%222ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c%22%2C%22uifp%22%3A%222ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c%22%2C%22lbt%22%3A1693387320695%2C%22vi%22%3A1693427228020%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3227%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1199.125%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eda367d52037063316fbf43a70f0123fb5ad5a0175375e7e4053102df9a27ee1

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 491
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7427
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693427229.795835,VS0,VE491
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 7e1859df94458ff181dcbc91154aedfe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 12ms
11ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e1859df94458ff181dcbc91154aedfe.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7006a8b11a3abeda99bfb74de1bc8ab8d57cc63c70262b8e37f377a43eb66468

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e1859df94458ff181dcbc91154aedfe.jpg
age: 1242777
edge-cache-tag: 332202186785517654752073628691777932872,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 332202186785517654752073628691777932872,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 389
req-referer: https://ads.taboola.com/
content-length: 29014
x-request-id: 04a14baccfbce2c046dceec9d97c0c83
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kjyo7100040-IAD, cache-chi-kigq8000176-CHI, cache-iad-kjyo7100112-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 15 Aug 2023 14:27:10 GMT
server: nginx
x-timer: S1693427229.828373,VS0,VE4
etag: "bbad14d9464a88b0ca570a81ab64b170"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 146, 1

GET
H2 200 2ee18242dc2d5eda28cadfa35c3ae3d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 9ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ee18242dc2d5eda28cadfa35c3ae3d2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 15bfe024c6901e652462c628893e39356741b7ef95b174887dff58dba2d2ec72

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ee18242dc2d5eda28cadfa35c3ae3d2.png
age: 428057
edge-cache-tag: 599401652562235241018796229892401720991,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 599401652562235241018796229892401720991,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 72
expiration: expiry-date="Mon, 11 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport5.co.il/
content-length: 5644
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kjyo7100076-IAD, cache-iad-kcgs7200140-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 11 Aug 2023 07:53:33 GMT
server: nginx
x-timer: S1693427229.832413,VS0,VE1
etag: "9d9edb45f212674b287cae01eab98596"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 1

GET
H2 200 01782ad40ca0eb169f2630f4d7dfd436.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 14ms
10ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01782ad40ca0eb169f2630f4d7dfd436.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0897c46b4e0e8afa0155063ac17f661448f11f08bc0707c9d7bd1c4f31f01d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01782ad40ca0eb169f2630f4d7dfd436.jpeg
age: 524801
edge-cache-tag: 339951368219013923150561119132174343463,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 339951368219013923150561119132174343463,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1651
req-referer: https://psychicmonday.com/
content-length: 5382
x-request-id: 7ad8823c1188e09cae6e5a1599c9e32e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kjyo7100115-IAD, cache-iad-kiad7000126-IAD, cache-fra-eddf8230023-FRA
last-modified: Thu, 24 Aug 2023 14:10:02 GMT
server: nginx
x-timer: S1693427229.842268,VS0,VE1
etag: "7a2f48350343ad8cd6205da0b6fb87a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1

GET
H2 200 7f81e742d752b9126000c9098b84c20c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 13ms
10ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f81e742d752b9126000c9098b84c20c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecf8f447213a059e4a8c6c42b871243a712559bc8941caeff6a9bdb4e9164e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f81e742d752b9126000c9098b84c20c.jpg
age: 1335120
edge-cache-tag: 411122531802132823973870071352852983868,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 411122531802132823973870071352852983868,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 358
req-referer: https://weightlossgroove.com/
content-length: 4874
x-request-id: 8ab6a53ac8441cd0bc8b128b461cdcaa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kiad7000069-IAD, cache-lga21927-LGA, cache-iad-kjyo7100084-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 14 Aug 2023 14:05:57 GMT
server: nginx
x-timer: S1693427229.842543,VS0,VE1
etag: "2ae60e978ae6b17d40d4d85d405e39e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 16, 1

GET
H2 200 0e610f0421fe0c39e0dcc0044cadabcd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 47 KB
48 KB 12ms
12ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e610f0421fe0c39e0dcc0044cadabcd.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d29376f388021cc3596a91eb1a1a83ecf97a3354350f34e31a050b02a2e756b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e610f0421fe0c39e0dcc0044cadabcd.jpg
age: 41189
edge-cache-tag: 439437668230294112305176807941322946166,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 439437668230294112305176807941322946166,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 210
req-referer: https://www.tichyseinblick.de/kolumnen/stephans-spitzen/wenn-gruen-geschaeftsschaedigend-ist/
content-length: 48240
x-request-id: 2c65597a7234193bf9355d70b5184c23
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kiad7000106-IAD, cache-iad-kcgs7200027-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:00:31 GMT
server: nginx
x-timer: S1693427229.842928,VS0,VE2
etag: "aa4baf86dedd2e7787940982c0a26cda"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1

GET
H2 200 c0767bd5ac6c0ccd8898fd9e8a763d7c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 11ms
11ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0767bd5ac6c0ccd8898fd9e8a763d7c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dbc4865442379cdd84ba896a93240a19ef25890dffce8d158dc879b5d53b3756

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0767bd5ac6c0ccd8898fd9e8a763d7c.jpg
age: 2153597
edge-cache-tag: 570812493056311747500302573078727732681,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570812493056311747500302573078727732681,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 411
req-referer: https://weightlossgroove.com/
content-length: 12508
x-request-id: c1f97540e51216cc41e81f6d5c16840c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kcgs7200139-IAD, cache-sna10733-LGB, cache-iad-kcgs7200035-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 10:44:39 GMT
server: nginx
x-timer: S1693427229.843025,VS0,VE2
etag: "e98b104ba271857f28617affcacdfbaa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 85, 1

GET
H2 200 200538988-005__ycADrecK.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/ 28 KB
29 KB 16ms
13ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/200538988-005__ycADrecK.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a312a942fac398f71b8ad4dbfdb25253c442a8ab8e97ad512ef7fc0c1cb9623f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/200538988-005__ycADrecK.jpg
age: 2891057
edge-cache-tag: 602134485717045294048603140773923929932,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602134485717045294048603140773923929932,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 55
expiration: expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.oggi.it/video/attualita/2023/08/10/massimo-segre-molla-cristina-seymandi-davanti-a-tutti-ti-dono-la-libera-e-la-lascia-davanti-a-tutti/
content-length: 28376
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200044-IAD, cache-iad-kjyo7100173-IAD, cache-chi-kigq8000100-CHI, cache-iad-kjyo7100137-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 19 Jul 2023 09:28:32 GMT
server: nginx
x-timer: S1693427229.857805,VS0,VE3
etag: "8fe3927bfc86a84e819812903081acc8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 78, 1

GET
H2 200 f158aeb52263aef0805f4b5abaecfcbc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 9ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d2a132ef6738626fc7f481db2ae94e5a01c13013090dee66370944dd80aa22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
age: 1176245
edge-cache-tag: 390508218841952208715543860247050564844,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390508218841952208715543860247050564844,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 169
expiration: expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.wn.de/
content-length: 24372
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kjyo7100169-IAD, cache-sna10733-LGB, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 15:02:01 GMT
server: nginx
x-timer: S1693427229.857842,VS0,VE1
etag: "b46c7a69a24edf415f4fa1c2266fb5d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 66fdc11f6f1741b5db99b05dc22b8645.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
32 KB 10ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66fdc11f6f1741b5db99b05dc22b8645.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 781090a17e7ef134a15d1eb6deec4a6cb312eba2eb7b76122688559d7664a608

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66fdc11f6f1741b5db99b05dc22b8645.png
age: 812785
edge-cache-tag: 423832801527416018012382141642402187892,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 423832801527416018012382141642402187892,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 94
req-referer: https://contextualpalace.com/
content-length: 32504
x-request-id: 779251c5bcaefaf6cd2888217da33d1d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200049-IAD, cache-iad-kcgs7200049-IAD, cache-sna10741-LGB, cache-iad-kiad7000157-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 08 Aug 2023 15:38:16 GMT
server: nginx
x-timer: S1693427229.857941,VS0,VE2
etag: "df494f65c9b9f24eca00ca122f0d1390"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 5, 1

GET
H2 200 e574d0774c48691f3af0ae2061af35d3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 38 KB
39 KB 10ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 389067ab18faff869d6db8acea50f4292632eb33f3547918a4ac00d95434b24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
age: 1425373
edge-cache-tag: 578705306751097711567236155726779671145,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578705306751097711567236155726779671145,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 454
req-referer: https://www.wunderground.com/
content-length: 39082
x-request-id: e2ac62200b52da9df5dc699107954248
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100093-IAD, cache-iad-kiad7000067-IAD, cache-lax10681-LGB, cache-iad-kjyo7100153-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 11 Aug 2023 14:47:32 GMT
server: nginx
x-timer: S1693427229.858174,VS0,VE2
etag: "226d8cbec89dafacc160d8c6ae65ee8c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 8b60358e-bcb3-464c-af3e-b6e3d7eae7ca__GTwbylaN.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 33 KB
34 KB 20ms
12ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b60358e-bcb3-464c-af3e-b6e3d7eae7ca__GTwbylaN.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2795c2555cc2103629f87ecf1c1950d3dcc014eec08fd22f52894965dbc29922

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b60358e-bcb3-464c-af3e-b6e3d7eae7ca__GTwbylaN.jpg
age: 39561
edge-cache-tag: 291274232689832571826283468129384376861,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291274232689832571826283468129384376861,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 425
req-referer: https://www.t-online.de/
content-length: 34178
x-request-id: 9e6f4b3b50578a21a18b2984e505f89e
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000134-IAD, cache-iad-kjyo7100106-IAD, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 29 Aug 2023 11:06:27 GMT
server: nginx
x-timer: S1693427229.874342,VS0,VE2
etag: "6b9eaeddbf01e15400497983abc5841d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1

GET
H2 200 604f64db35ad7d8e32fc4a7cffa729ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 15ms
12ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b4d5d2515121b6edf64cede21340a8f9fec8b04371f1b04b07765aecf70f00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age: 2384480
edge-cache-tag: 380932827776598572844696039841441315722,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380932827776598572844696039841441315722,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 88
expiration: expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.familysurf.de/
content-length: 14780
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kcgs7200095-IAD, cache-chi-klot8100028-CHI, cache-iad-kcgs7200155-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 05 Jul 2023 18:37:47 GMT
server: nginx
x-timer: S1693427229.874546,VS0,VE1
etag: "0546338eb49e1467bf0277eeb77743dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 24, 1

GET
H2 200 5e846bd712d88f8f88e0d380c91c3f07.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 13ms
12ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e846bd712d88f8f88e0d380c91c3f07.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 196cd00c896a1bb63d36e82154a29945a89736829cbd087edff795bb761f41d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e846bd712d88f8f88e0d380c91c3f07.jpg
age: 1418766
edge-cache-tag: 465218785552688852396311911958069590048,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 465218785552688852396311911958069590048,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 145
expiration: expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espn.co.uk/
content-length: 19664
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000127-IAD, cache-iad-kcgs7200073-IAD, cache-lax10632-LGB, cache-iad-kiad7000047-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 31 Jul 2023 06:40:35 GMT
server: nginx
x-timer: S1693427229.874498,VS0,VE2
etag: "75354a669145663bc2a502f9eae2165c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 85ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:27:08 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 67ms
21ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

838428441c139fbdb2f8976608fb144594cf3393af579f8dfc4a4be1bd7cfe9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 206 https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2F%2Fh_400%2Cc_scale%2Fv1655289863%2Fsbfcvda1gqwcij41gdnv.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 162 KB
163 KB 19ms
10ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2F%2Fh_400%2Cc_scale%2Fv1655289863%2Fsbfcvda1gqwcij41gdnv.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.44 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

51d50e35fef162329c65f20917c771ddefd3fd26d7662d2332e119d9181353f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=604800
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 20:27:08 GMT
age: 2040502
x-cache: HIT, HIT
Content-Range: bytes 0-165889/165890
server-timing: cld-akam;mitm=f;dur=224;cpu=49;start=2023-08-07T05:38:46.440Z;desc=miss,rtt;dur=0,cloudinary;dur=156;start=2023-08-07T05:38:46.485Z
Content-Length: 165890
x-backend-name: fastlyshield--shield_cache_iad_kiad7000121_IAD
x-served-by: cache-iad-kiad7000121-IAD, cache-fra-eddf8230023-FRA
last-modified: Sun, 02 Jul 2023 12:39:48 GMT
server: Cloudinary
x-timer: S1693427229.898354,VS0,VE1
etag: "cebe3af2bb40eb7120e4db4f22ce1234"
vary: /video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2F%2Fh_400%2Cc_scale%2Fv1655289863%2Fsbfcvda1gqwcij41gdnv.mp4
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 143, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e1859df94458ff181dcbc91154aedfe.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7006a8b11a3abeda99bfb74de1bc8ab8d57cc63c70262b8e37f377a43eb66468

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e1859df94458ff181dcbc91154aedfe.jpg
age: 1242777
edge-cache-tag: 332202186785517654752073628691777932872,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 332202186785517654752073628691777932872,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 389
req-referer: https://ads.taboola.com/
content-length: 29014
x-request-id: 04a14baccfbce2c046dceec9d97c0c83
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kjyo7100040-IAD, cache-chi-kigq8000176-CHI, cache-iad-kjyo7100112-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 15 Aug 2023 14:27:10 GMT
server: nginx
x-timer: S1693427229.895483,VS0,VE0
etag: "bbad14d9464a88b0ca570a81ab64b170"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 146, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ee18242dc2d5eda28cadfa35c3ae3d2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 15bfe024c6901e652462c628893e39356741b7ef95b174887dff58dba2d2ec72

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ee18242dc2d5eda28cadfa35c3ae3d2.png
age: 428057
edge-cache-tag: 599401652562235241018796229892401720991,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 599401652562235241018796229892401720991,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 72
expiration: expiry-date="Mon, 11 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport5.co.il/
content-length: 5644
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kjyo7100076-IAD, cache-iad-kcgs7200140-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 11 Aug 2023 07:53:33 GMT
server: nginx
x-timer: S1693427229.897071,VS0,VE0
etag: "9d9edb45f212674b287cae01eab98596"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01782ad40ca0eb169f2630f4d7dfd436.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0897c46b4e0e8afa0155063ac17f661448f11f08bc0707c9d7bd1c4f31f01d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01782ad40ca0eb169f2630f4d7dfd436.jpeg
age: 524801
edge-cache-tag: 339951368219013923150561119132174343463,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 339951368219013923150561119132174343463,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1651
req-referer: https://psychicmonday.com/
content-length: 5382
x-request-id: 7ad8823c1188e09cae6e5a1599c9e32e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kjyo7100115-IAD, cache-iad-kiad7000126-IAD, cache-fra-eddf8230023-FRA
last-modified: Thu, 24 Aug 2023 14:10:02 GMT
server: nginx
x-timer: S1693427229.897258,VS0,VE0
etag: "7a2f48350343ad8cd6205da0b6fb87a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2

GET
H2 200 7f81e742d752b9126000c9098b84c20c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 15ms
12ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f81e742d752b9126000c9098b84c20c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecf8f447213a059e4a8c6c42b871243a712559bc8941caeff6a9bdb4e9164e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f81e742d752b9126000c9098b84c20c.jpg
age: 1335120
edge-cache-tag: 411122531802132823973870071352852983868,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 411122531802132823973870071352852983868,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 358
req-referer: https://weightlossgroove.com/
content-length: 4874
x-request-id: 8ab6a53ac8441cd0bc8b128b461cdcaa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kiad7000069-IAD, cache-lga21927-LGA, cache-iad-kjyo7100084-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 14 Aug 2023 14:05:57 GMT
server: nginx
x-timer: S1693427229.899439,VS0,VE0
etag: "2ae60e978ae6b17d40d4d85d405e39e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 16, 2

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 18ms
18ms Script
application/javascript 23.205.176.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-176-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:08 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Wed, 30 Aug 2023 20:42:08 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d2a132ef6738626fc7f481db2ae94e5a01c13013090dee66370944dd80aa22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
age: 1176245
edge-cache-tag: 390508218841952208715543860247050564844,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390508218841952208715543860247050564844,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 169
expiration: expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.wn.de/
content-length: 24372
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kjyo7100169-IAD, cache-sna10733-LGB, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 15:02:01 GMT
server: nginx
x-timer: S1693427229.917365,VS0,VE0
etag: "b46c7a69a24edf415f4fa1c2266fb5d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66fdc11f6f1741b5db99b05dc22b8645.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 781090a17e7ef134a15d1eb6deec4a6cb312eba2eb7b76122688559d7664a608

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66fdc11f6f1741b5db99b05dc22b8645.png
age: 812785
edge-cache-tag: 423832801527416018012382141642402187892,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 423832801527416018012382141642402187892,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 94
req-referer: https://contextualpalace.com/
content-length: 32504
x-request-id: 779251c5bcaefaf6cd2888217da33d1d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200049-IAD, cache-iad-kcgs7200049-IAD, cache-sna10741-LGB, cache-iad-kiad7000157-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 08 Aug 2023 15:38:16 GMT
server: nginx
x-timer: S1693427229.917868,VS0,VE0
etag: "df494f65c9b9f24eca00ca122f0d1390"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 5, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 389067ab18faff869d6db8acea50f4292632eb33f3547918a4ac00d95434b24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
age: 1425373
edge-cache-tag: 578705306751097711567236155726779671145,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578705306751097711567236155726779671145,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 454
req-referer: https://www.wunderground.com/
content-length: 39082
x-request-id: e2ac62200b52da9df5dc699107954248
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100093-IAD, cache-iad-kiad7000067-IAD, cache-lax10681-LGB, cache-iad-kjyo7100153-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 11 Aug 2023 14:47:32 GMT
server: nginx
x-timer: S1693427229.918374,VS0,VE0
etag: "226d8cbec89dafacc160d8c6ae65ee8c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e610f0421fe0c39e0dcc0044cadabcd.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d29376f388021cc3596a91eb1a1a83ecf97a3354350f34e31a050b02a2e756b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e610f0421fe0c39e0dcc0044cadabcd.jpg
age: 41189
edge-cache-tag: 439437668230294112305176807941322946166,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 439437668230294112305176807941322946166,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 210
req-referer: https://www.tichyseinblick.de/kolumnen/stephans-spitzen/wenn-gruen-geschaeftsschaedigend-ist/
content-length: 48240
x-request-id: 2c65597a7234193bf9355d70b5184c23
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kiad7000106-IAD, cache-iad-kcgs7200027-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:00:31 GMT
server: nginx
x-timer: S1693427229.918387,VS0,VE0
etag: "aa4baf86dedd2e7787940982c0a26cda"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0767bd5ac6c0ccd8898fd9e8a763d7c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dbc4865442379cdd84ba896a93240a19ef25890dffce8d158dc879b5d53b3756

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0767bd5ac6c0ccd8898fd9e8a763d7c.jpg
age: 2153597
edge-cache-tag: 570812493056311747500302573078727732681,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570812493056311747500302573078727732681,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 411
req-referer: https://weightlossgroove.com/
content-length: 12508
x-request-id: c1f97540e51216cc41e81f6d5c16840c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kcgs7200139-IAD, cache-sna10733-LGB, cache-iad-kcgs7200035-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 10:44:39 GMT
server: nginx
x-timer: S1693427229.918333,VS0,VE0
etag: "e98b104ba271857f28617affcacdfbaa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 85, 2

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 101 B
287 B 112ms
112ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604ad422181a0211b06527f1a9ae9636d5c72de49d436852f991e3e0cab6c19d

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 7fefc5d5acaa1e31-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 110ms
110ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7fefc5d4fb261e31-FRA
content-length: 0
content-type: application/json
date: Wed, 30 Aug 2023 20:27:09 GMT
debug: OPTIONS block
expires: Thu, 29 Aug 2024 20:27:09 GMT
server: cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/200538988-005__ycADrecK.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a312a942fac398f71b8ad4dbfdb25253c442a8ab8e97ad512ef7fc0c1cb9623f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:08 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/200538988-005__ycADrecK.jpg
age: 2891057
edge-cache-tag: 602134485717045294048603140773923929932,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602134485717045294048603140773923929932,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 55
expiration: expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.oggi.it/video/attualita/2023/08/10/massimo-segre-molla-cristina-seymandi-davanti-a-tutti-ti-dono-la-libera-e-la-lascia-davanti-a-tutti/
content-length: 28376
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200044-IAD, cache-iad-kjyo7100173-IAD, cache-chi-kigq8000100-CHI, cache-iad-kjyo7100137-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 19 Jul 2023 09:28:32 GMT
server: nginx
x-timer: S1693427229.964571,VS0,VE0
etag: "8fe3927bfc86a84e819812903081acc8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 78, 2

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
2 KB 14ms
13ms Image
image/png 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 30 Aug 2023 20:27:08 GMT
cdn-edgestorageid: 864
cdn-cachedat: 02/05/2023 21:16:32
cdn-pullzone: 1027527
content-length: 1265
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: BunnyCDN-DE1-1075
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 52011b9b144bcbc0ea25b30d43caef6c
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 23 KB
4 KB 397ms
165ms XHR
application/json 54.211.96.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=644662fd5e555cc28b0f44a5&AV_PUBLISHERID=6446608883ac0940fc0b13ca&AV_VIDEOURL=https%3A%2F%2Ffeed.playstream.media%2FmanualUpload%2Ffsk5i3ztuqclk84rs4h%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=0&AV_LANGUAGE=en&AV_URL=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&AV_CHANNELID=6446621c2b382b7b120d03d3&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=ultrasurfing.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=644662fd5e555cc28b0f44a5&AV_TEMPLATE=6446624c6225dc6f8f064258&AV_GPID=/6446608883ac0940fc0b13ca/644662fd5e555cc28b0f44a5/ultrasurfing.com&d36=6.2.121&responsive=1&sver=4&avtoken=228994&omv=1.0.1&AV_D66=8.3.17&clsid=3fd7dce7-6924-47f5-8ece-3e8e128c2d73&rando=58&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1693427228997&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6446608883ac0940fc0b13ca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.96.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-96-115.compute-1.amazonaws.com
Software: /
Resource Hash: dbbb7494bf0caf3327361191177b923b59a607d825105ae7b0aab8379d558276

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: http://ultrasurfing.com
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Sat, 19 Aug 2023 06:40:29 GMT

GET
H2 200 track
track1.aniview.com/ 0
97 B 94ms
94ms Image
text/plain 23.22.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=ultrasurfing.com&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.121&apppkg=&fv=1&proto=http&d66=8.3.17&clsid=3fd7dce7-6924-47f5-8ece-3e8e128c2d73&rando=58&pid=6446608883ac0940fc0b13ca&cid=6446621c2b382b7b120d03d3&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&e=inventory&vi=100&cb=1693427228995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-92-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 112ms
35ms XHR
application/json 52.18.110.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.110.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-110-117.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bfcf124e3ffd8d865dc60f4779a1ff8d848ce7de980d40e7f1a5d55bbb3753b6

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.24.111
access-control-allow-credentials: true
content-length: 60
expires: 0

GET envelope
lexicon.33across.com/v1/ 0
0

GET
H2 200 next-up-widget.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 8ms
8ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b9c2d916d745897ba3df251cd6265b30a7bbdd11a68871099ed4b4b9588a361

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: ajVh0NrWybvNnLZUxCE6D1iwaNlGtRqH
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:09 GMT
x-amz-request-id: MD8WJC2PBHZX98N7
age: 40103
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: KeVnTd868iw68pvpEWgHhYDHsyMQqklBk+IPLgDY9anBD3ii99PkzRPGXej/WYGgrMJZrNKEZ6Q=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:18:45 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427229.018344,VS0,VE0
etag: "f57585f7c78ee201a8a73fbc419b9a11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 794

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=12316&lti=deflated&ri=c790176e1770bc0298c5257e434bc438&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&pi=/&wi=-1709852854480885386&pt=home&vi=1693427228020&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22296.96875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A27%3A09.024&id=1286&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 204 health
aegis.anonymised.io/ Frame 0
0 105ms
40ms Preflight
text/html 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: http://ultrasurfing.com
allow: OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 30 Aug 2023 20:27:09 GMT
server: Google Frontend
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: b0b756cf9f2eb91c5d4e892ed983793c
x-request-id: SNUENWeuu99fOMINkTA2H4FztrV9kz4v

GET
H2 200 health Show response
aegis.anonymised.io/ 2 B
145 B 59ms
58ms Fetch
text/plain 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
x-cloud-trace-context: c153411727c5f0255e84e48989dc59a5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-request-id: XmOjNq1kc3b4q1HFD2Qk1dc5G7aFd2CQ

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 61ms
24ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccdee1a158c13c6490d73f4c6dcecdc75f8707a7879fcdb072d49aec9bb38320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 20:05:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 20:27:09 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b60358e-bcb3-464c-af3e-b6e3d7eae7ca__GTwbylaN.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2795c2555cc2103629f87ecf1c1950d3dcc014eec08fd22f52894965dbc29922

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b60358e-bcb3-464c-af3e-b6e3d7eae7ca__GTwbylaN.jpg
age: 39561
edge-cache-tag: 291274232689832571826283468129384376861,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291274232689832571826283468129384376861,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 425
req-referer: https://www.t-online.de/
content-length: 34178
x-request-id: 9e6f4b3b50578a21a18b2984e505f89e
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000134-IAD, cache-iad-kjyo7100106-IAD, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 29 Aug 2023 11:06:27 GMT
server: nginx
x-timer: S1693427229.108682,VS0,VE0
etag: "6b9eaeddbf01e15400497983abc5841d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b4d5d2515121b6edf64cede21340a8f9fec8b04371f1b04b07765aecf70f00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age: 2384480
edge-cache-tag: 380932827776598572844696039841441315722,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380932827776598572844696039841441315722,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 88
expiration: expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.familysurf.de/
content-length: 14780
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kcgs7200095-IAD, cache-chi-klot8100028-CHI, cache-iad-kcgs7200155-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 05 Jul 2023 18:37:47 GMT
server: nginx
x-timer: S1693427229.108936,VS0,VE0
etag: "0546338eb49e1467bf0277eeb77743dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 24, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e846bd712d88f8f88e0d380c91c3f07.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 196cd00c896a1bb63d36e82154a29945a89736829cbd087edff795bb761f41d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e846bd712d88f8f88e0d380c91c3f07.jpg
age: 1418766
edge-cache-tag: 465218785552688852396311911958069590048,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 465218785552688852396311911958069590048,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 145
expiration: expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espn.co.uk/
content-length: 19664
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000127-IAD, cache-iad-kcgs7200073-IAD, cache-lax10632-LGB, cache-iad-kiad7000047-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 31 Jul 2023 06:40:35 GMT
server: nginx
x-timer: S1693427229.110318,VS0,VE0
etag: "75354a669145663bc2a502f9eae2165c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 2

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 276 B
686 B 48ms
17ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

eb4531f2ccc72805d99d81cc3e9e42e74ba8a55c3fde1a3a50e233d24f1eb232

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Wed, 30 Aug 2023 20:27:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 56ms
19ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd984132d7355a3d3c7a7484ed49897d09384e0fdb1cced32c7c3cb7620688

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Aug 2023 20:24:56 GMT
server: cloudflare
age: 133
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7fefc5d6ba21bbeb-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF54 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmmEXH6aCAU6tLzqv2jrd0su9ON-KKkqNQyR6ZgYaok654Inp458YVQMbruPng5jB6_03hq5yN86Ik-IsqWdkTUEIr2xVS0AzJwnCXgotIo4U6dt2w_OdVHpw96ntz9FGwtNJjDNqfMurW9FaLmvhoQs9wzxYFtTLKr80wCNwrKesultuA6Te-M6k-ChM5rtd6i41szjPvRKOuah_WyjCk2PJd8pnbVW1x5k7-QW_uEd99vm6AlqNSEnd1nYKGfoEqTU_cIaqgqp-RyIfxNnkeXtoa-8FIVKlFIFZPLhAZrTvxT3-0LwlKx4At4N3NdNoK3ElEOO4iFSHLvNXd-4yaNEZnE7Ouf7ST&sai=AMfl-YRAdtMbjjq9I2aXm3sNreIWyO0KZldPTojjbAhBGXw30UlUCLaDaDf-rbSRbXPV4YX_G-e8NhJWB5foXG5-2X9_nJBXfWCxmV53f8RgKMU&sig=Cg0ArKJSzLo8eQLeOH_LEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F271 261 B
126 B 58ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGKr3tPQBMAE&v=APEucNXVDICOk5d87nZqbd3kXCdA1VZQoUBuaLik3f9qyfIBwrCfYtZWsnB_AEHOgbZEDUCKbyQbIcudMoeMjbcG740tMc_ctA8e8MCgIbmeQHBKDdScooaLSofPFxJkZAvjSmXGtt-7K9v8XRtrlCEDZNK8khlscni1PcclOa13xL1FfG7Avcg

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 20:27:09 GMT
expires: Wed, 30 Aug 2023 20:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF54 86 KB
29 KB 148ms
148ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF54 42 B
63 B 115ms
114ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DViOpSH0ySxuYz7dtqJ94nJegzfsaRbuzEWUU4VZpdeaPMu-Uo_ta32Owju7IzIP6FYXzwOEIWAcoVnwuFWNrHnmkq4hTQwOwvVzk4pi1hc-_FLFI

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF54 0
20 B 114ms
113ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3263877172216158172&x=8&ct=76

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 98942dad-33db-4d46-87ca-6a99b733a8e5
beacon-ams3.rubiconproject.com/beacon/d/ Frame BF54 43 B
227 B 99ms
16ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/98942dad-33db-4d46-87ca-6a99b733a8e5?oo=0&accountId=17262&siteId=447806&zoneId=2591662&sizeId=9&e=6A1E40E384DA563BD05E7E72E226C66DAA0B50FD68716FCA423D2DDC77637A740F61191BEEE798DCD7182983E30F178D6EB69AE2A0CA654BE528B1B7EFAED26930946FA473311435BE671C63135216F2815395A550F45302BD4E4078C87579A770AD70EFF4EA52FFF5E7A146DBE0E79F386AACCA05AD3BAB05471D4EC0C992F22605645952F6017877FC3B8C3BDF3F8DD2C2625003326B4CC5895092A08F041081EB16D4B88692DB317A31EE183818586705036A3F7330CAE82A954C1004678A

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:08 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF54 181 KB
57 KB 79ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A58 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss55lRuM0uHya8rOZ4JDokhNWBeYTZ05uX7T58oEep207-j4LcWUr8YUr90-8Qt4aW5pVemnF5juDazBCLCM5vc3Re3FOUtNKFSVdqX9fWq2FUeGCwo880qTa3K19-08V3yJMrB2gsBW7z8CHVZR-zgI3hk9l9qpN5MI9UsMorZS90uWJs7FQtNrg4tfWlZigILXpQ5TcGDR_ASOJRhtRfXq9_q-Yly3g9X41WyfHRZs4JTRlK8v60BOmBvZrhO0WklLh7-ltxD5Qh8qnOTfr8bSlhlCrfFyv4ft1dOjcpNj3N4zzvhFXkafQg0_c6jxzAbhFSRYJse_yyCXt1zoNHtyMkY8tXh5g&sai=AMfl-YTnI1dHZDzBXrNJQBK_TZI8uqCDvnuZKclCow9au8JobfkUMHkYXbR5K81bnMfOOvdkiE5EWtAufzmEEVzJC3b_KzZlhuwEDGwvuMdMgww&sig=Cg0ArKJSzFWr9gWx3pnsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D6B2 261 B
126 B 57ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGMLihuUBMAE&v=APEucNXd5-72HiN1db3ia6CequBCKJcz-N4wRja_Zfk-vc8UB3txw3E68GBydhrYCdKxVGFDMLoiq8TyST64J_DH5zgzlrMEYoz7ifG6boAvkIrv9_GGtLuBkqk9DliOTyW2RvwLsTr-Coj-MMb0LVDaas8GEuNOsEqCF0ID6vNkq3XZkv_qX4M

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 20:27:09 GMT
expires: Wed, 30 Aug 2023 20:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5A58 86 KB
29 KB 209ms
209ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A58 42 B
63 B 115ms
114ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Be1FtfMZ_3cLFCLmcbngS2wtZGLQ9MhF6laNpzTrfMIVjMi3VwI6XMeRI-i5dc3pCm-GxI41MVOE_VBF680f8OOngYFczRqnxdRj03eMGgWnZU3iA

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A58 0
20 B 114ms
113ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2258101414342114399&x=8&ct=76

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f73d9a66-a704-4de9-a307-6f0e3703ed06
beacon-ams3.rubiconproject.com/beacon/d/ Frame 5A58 43 B
98 B 79ms
18ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/f73d9a66-a704-4de9-a307-6f0e3703ed06?oo=0&accountId=17262&siteId=447806&zoneId=2591662&sizeId=2&e=6A1E40E384DA563B774472CB549B7906D8C6E52A1A659D40FB334CB903C100BDE343E21F7DA0FB64595160E9690333E86256DD5F63730948688DCF083ECC6857E03689BE614092D0D427295A10B2A563415E5FB3EDB384B8A8961240612396D7EBEF4B390EA72C490C3DDE5CFFF35E5A63B36C52A7FFCE440F6CA651E8A75C052605645952F60178656E92728ED997F359E19599CEAAAC7D1A2C9C4FCEA5AE72C1B534E0DF05F68AD3A7D4E1EA154C44CB854B1892BF35E7E82A954C1004678A

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A58 181 KB
57 KB 80ms
64ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 19ms
18ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

838428441c139fbdb2f8976608fb144594cf3393af579f8dfc4a4be1bd7cfe9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Wed, 30 Aug 2023 20:27:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
397 B 111ms
13ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Wed, 30 Aug 2023 20:57:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EE6 13 KB
5 KB 29ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 18:18:12 GMT
expires: Thu, 29 Aug 2024 18:18:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 80BB 829 B
559 B 37ms
25ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c085d36eb3f96c469413e0edd223f949ae37c78373d1cfcbeab0d48252663af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-36H9D6cMtjfnxgHT9d1QQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-36H9D6cMtjfnxgHT9d1QQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 20:27:09 GMT
expires: Wed, 30 Aug 2023 20:27:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index.m3u8 Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 135 B
624 B 100ms
21ms XHR
application/vnd.apple.mpegurl 138.199.36.7
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/index.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-7.bunnyinfra.net
Software: BunnyCDN-DE1-1047 /
Resource Hash: 3964e306d6b67165ac73c35d1da6dff273cb8e6f51a3fa4a615582a2a637026d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
cdn-edgestorageid: 860
cdn-cachedat: 07/18/2023 10:32:50
cdn-pullzone: 1464120
last-modified: Tue, 18 Jul 2023 10:08:46 GMT
server: BunnyCDN-DE1-1047
cdn-proxyver: 1.03
cdn-requestpullcode: 206
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 4079f5467ef776e744ad6b25fa97c41c
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 anonymized_small_black.png
storage.googleapis.com/idw_static_assets/ 2 KB
2 KB 55ms
14ms Image
image/png 2a00:1450:4001:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/idw_static_assets/anonymized_small_black.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 05adb1a8ab31ced159adf8401bc91d0c28dc75777423ea84358b9565147b5925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:35:10 GMT
age: 3119
x-guploader-uploadid: ADPycdu5pw82l_DL1yxEO7areEcAyY5L1vTcUbQRAG9kjImrlzZh5wPHeAlw5ZdjYQ3u_bTsj0mugcibsZrg5iaCwKmsyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1661
last-modified: Thu, 02 Feb 2023 09:54:23 GMT
server: UploadServer
etag: "d0042077edcb1feff233a5a0e095b327"
x-goog-generation: 1675331663329867
x-goog-hash: crc32c=A2Z1Vg==, md5=0AQgd+3LH+/yM6Wg4JWzJw==
content-type: image/png
cache-control: public,max-age=7890000,no-transform
x-goog-stored-content-length: 1661
accept-ranges: bytes
expires: Thu, 30 Nov 2023 03:15:10 GMT

GET
H3 200 bidderchecker.js Show response
static.anonymised.io/light/ 961 B
418 B 25ms
21ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/bidderchecker.js?v=0.2.4
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:09:40 GMT
content-encoding: gzip
age: 1049
x-guploader-uploadid: ADPycduUXQSwUAVrOYzFNc9vOyX84uDwqMUvgIHGtnv2mrjN82GctKJoLzGrGrKrO5Fz2blLe8h5LJvUUNtN6neKcxbogg2UkDHG
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 387
last-modified: Mon, 14 Aug 2023 15:49:09 GMT
server: UploadServer
etag: "f133ff708b39bac8c0de54d982895955"
vary: Accept-Encoding
x-goog-generation: 1692028149468399
x-goog-hash: crc32c=uL1dkQ==, md5=8TP/cIs5usjA3lTZgolZVQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 387
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 30 Aug 2023 20:29:40 GMT

GET
H2 200 timeme.min.js Show response
cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/ 6 KB
2 KB 49ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/timeme.min.js

Requested by

Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7833124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1532
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-163a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xK4zpBv%2FSzyYvQuBYFdH7skweiqq%2Fg3Cr6xA%2BxdFdGz9iruf0FrtrXfXfnAo%2FeB5bBtJieY5X6CirdcyTwmUE1%2FZjp5RlJ00cop7aIW3LboCr1taSKmUTG6Gg%2BGDgJDsL2sQ55Z7QaA1F8gpDB6%2FeZCY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fefc5d7997118e6-FRA
expires: Mon, 19 Aug 2024 20:27:09 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
295 B 487ms
100ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Wed, 30 Aug 2023 20:27:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame F271
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1

0
400 B

79ms
34ms

Image
text/plain

23.35.233.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGKr3tPQBMAE&v=APEucNXVDICOk5d87nZqbd3kXCdA1VZQoUBuaLik3f9qyfIBwrCfYtZWsnB_AEHOgbZEDUCKbyQbIcudMoeMjbcG740tMc_ctA8e8MCgIbmeQHBKDdScooaLSofPFxJkZAvjSmXGtt-7K9v8XRtrlCEDZNK8khlscni1PcclOa13xL1FfG7Avcg
Protocol: HTTP/1.1
Server: 23.35.233.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-233-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:09 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 29 Aug 2023 20:27:09 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame F271
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1

43 B
163 B

106ms
25ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGKr3tPQBMAE&v=APEucNXVDICOk5d87nZqbd3kXCdA1VZQoUBuaLik3f9qyfIBwrCfYtZWsnB_AEHOgbZEDUCKbyQbIcudMoeMjbcG740tMc_ctA8e8MCgIbmeQHBKDdScooaLSofPFxJkZAvjSmXGtt-7K9v8XRtrlCEDZNK8khlscni1PcclOa13xL1FfG7Avcg
Protocol: H2
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
last-modified: Fri, 28 Jul 2023 11:03:52 GMT
server: nginx
accept-ranges: bytes
etag: "64c3a098-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D6B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1

0
400 B

64ms
19ms

Image
text/plain

23.35.233.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGMLihuUBMAE&v=APEucNXd5-72HiN1db3ia6CequBCKJcz-N4wRja_Zfk-vc8UB3txw3E68GBydhrYCdKxVGFDMLoiq8TyST64J_DH5zgzlrMEYoz7ifG6boAvkIrv9_GGtLuBkqk9DliOTyW2RvwLsTr-Coj-MMb0LVDaas8GEuNOsEqCF0ID6vNkq3XZkv_qX4M
Protocol: HTTP/1.1
Server: 23.35.233.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-233-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:09 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 29 Aug 2023 20:27:09 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEC_M8SMhBrJaPqnyziNqWw4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame D6B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1

43 B
162 B

107ms
26ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGMLihuUBMAE&v=APEucNXd5-72HiN1db3ia6CequBCKJcz-N4wRja_Zfk-vc8UB3txw3E68GBydhrYCdKxVGFDMLoiq8TyST64J_DH5zgzlrMEYoz7ifG6boAvkIrv9_GGtLuBkqk9DliOTyW2RvwLsTr-Coj-MMb0LVDaas8GEuNOsEqCF0ID6vNkq3XZkv_qX4M
Protocol: H2
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
last-modified: Fri, 28 Jul 2023 11:03:52 GMT
server: nginx
accept-ranges: bytes
etag: "64c3a098-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENjWBZ0FMpVLBxq75S53sT8&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK st Show response
imprammp.taboola.com/ Frame 0E5D 577 B
719 B 36ms
17ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=undefined&cb=1693427229535&uv=3322&tms=1693427229535&abt=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=51698f32-a97b-43eb-9a0c-2748bda78255&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0dddf70bf2b14c632451818b83903ea27697678f084157eb2084e7b36a4b7e16

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 30 Aug 2023 20:27:09 GMT
Server: nginx
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230022-FRA
X-Timer: S1693427230.733881,VS0,VE10
transfer-encoding: chunked

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 0D2F 422 B
507 B 67ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 1ff9c4689c626ddbcae332e42ab9b01e9fd3691fdf5fa4ffe0a73c9e69e61ff5

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 30 Aug 2023 20:27:09 GMT
machineid: 3407
server: nginx

POST
H/1.1 200
OK VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 507ms
500ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1693427229543&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1544&pt=-1084203318&tz=120&viewable=true&ddast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b0a9f799ed53e375ae24c1aa0e30fe55e9b72cca8f09400a8d7f9c5969073b0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

X-Cache-Hits: 0
Date: Wed, 30 Aug 2023 20:27:10 GMT
Content-Encoding: gzip
Via: 1.1 varnish
MachineId: 1460
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1693427230.554371,VS0,VE478
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 st
am-vid-events.taboola.com/ 0
112 B 260ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=31589837&cb=1693427229535&uv=3322&tms=1693427229535&abt=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693427226477.6!ts:1693427229535&mntl=1
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame 374F 0
0 168ms
51ms Document
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm.hybrid.ai/match?id=407&vid=1693427229279-952420803239-001362-007-007440&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693427229279-952420803239-001362-007-007440%26biddername%3D166%26pid%3D5e7b9048180bd02ded4b0937%26key%3D%24%7BVID%7D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6446608883ac0940fc0b13ca

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store
date: Wed, 30 Aug 2023 20:27:09 GMT
expires: -1
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
pragma: no-cache
server: Hybrid Web Server
x-mode: 116
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 898A 0
75 B 306ms
37ms Document
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=33&gdpr=1&gdpr_consent=&rdir=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6446608883ac0940fc0b13ca
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Wed, 30 Aug 2023 20:27:09 GMT

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame D0F2
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

248 KB
61 KB

24ms
16ms

Script
application/javascript

13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:41:45 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2726
etag: W/"bfd42dc650471371e7b049251fcaca58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: MBVeI1qZbINWYgm6Ki_MhHSN5myqe-f9qitkOcLYoiH4OFWG5hbemg==

Redirect headers

Date: Wed, 30 Aug 2023 20:27:09 GMT
Via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: ekR3-2uniaJpCKFrq4WMsu0_u0z9K4e74HH6JY5aN1YRXodSs-8Ugg==

GET
H2 200 track
track1.aniview.com/ 0
97 B 95ms
94ms Image
text/plain 23.22.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=77643&t=1693427229&cip=178.162.209.131&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=6446608883ac0940fc0b13ca&test=&d64=24135b15bdab25cff54d7bcc05acf2c1&d63=24135b15bdab25cff54d7bcc05acf2c1&aafaid=&proto=http&uid=1693427229279-952420803239-001362-007-007440&cha=0.7&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&d35=&d36=6.2.121&cb=46402511286&d39=&d65=&d66=8.3.17&d74=&d56=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.17&d74=&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&cvid=&cpid=&str=viewable&AV_WIDTH=300&AV_HEIGHT=169&&ppid=6446608883ac0940fc0b13ca&nid=5e7b9048180bd02ded4b0937&pcid=6446621c2b382b7b120d03d3&ncid=644661a0f07a38995f065ca4&pasid=644662035bd2063e47052616&e=request&cb=1693427229584&asid=6446659e48e8246b340dddc4%2C64633c9a1e543b78fa0464dd%2C646621fef839f39e85056aa4%2C646339fabfde509dc80d3aa3%2C64633a09ba636a67920af455&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-92-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
97 B 94ms
94ms Image
text/plain 23.22.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=77643&t=1693427229&cip=178.162.209.131&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=6446608883ac0940fc0b13ca&test=&d64=24135b15bdab25cff54d7bcc05acf2c1&d63=24135b15bdab25cff54d7bcc05acf2c1&aafaid=&proto=http&uid=1693427229279-952420803239-001362-007-007440&cha=0.7&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&d35=&d36=6.2.121&cb=46402511286&d39=&d65=&d66=8.3.17&d74=&d56=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.17&d74=&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&cvid=&cpid=&str=viewable&AV_WIDTH=300&AV_HEIGHT=169&&ppid=6446608883ac0940fc0b13ca&nid=5e7b9048180bd02ded4b0937&pcid=6446621c2b382b7b120d03d3&ncid=64673ee8d75f7e97cf032794&pasid=64673f8ae0acad92ee0129a4&e=request&cb=1693427229584&asid=646621b97f1fe8833507a54a%2C6466213d9ab7818647098797%2C644665b32bf0ffbc33049217%2C646b297864a342fb3402c669%2C644665d733dcf2e8300b89e5&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-92-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 223 KB
65 KB 19ms
19ms Script
application/javascript 23.205.176.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-176-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 17:51:49 GMT
server: Apache
etag: "37c41-60386a6319d17-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 66128
expires: Wed, 30 Aug 2023 20:42:09 GMT

GET
H2 200 flickstree_combine_content_17_06_23.m3u8 Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 5 KB
1 KB 41ms
40ms XHR
application/vnd.apple.mpegurl 138.199.36.7
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/flickstree_combine_content_17_06_23.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-7.bunnyinfra.net
Software: BunnyCDN-DE1-1047 /
Resource Hash: 5730c7d2ccee1dbe00f07bcd36df2223be8ac45b200d9f735fbd1a0e8edd3549

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
cdn-edgestorageid: 722
cdn-cachedat: 07/18/2023 10:32:53
cdn-pullzone: 1464120
last-modified: Tue, 18 Jul 2023 10:08:46 GMT
server: BunnyCDN-DE1-1047
cdn-proxyver: 1.03
cdn-requestpullcode: 206
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 68d1bb81f65296d23d1df3eb0254c4e2
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=12316&lti=deflated&ri=98edab4558cb34f62b7b3a9123e444e5&sd=v2_c5ec303e78978fb51146038d4b693188_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427228_1693427228_CIi3jgYQ8-NDGPS6g8GkMSABKAEwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&pi=/&wi=-1709852854480885386&pt=home&vi=1693427228020&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1693427229665%7D&tim=22%3A27%3A09.665&id=3464&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 d93162cf1cacddecf90e5e9e7fd7b50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 81 KB
82 KB 9ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d93162cf1cacddecf90e5e9e7fd7b50c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 016a592f00170a77e5037f43bf391a6f1b15913934f618e17cdcdd644b8853b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d93162cf1cacddecf90e5e9e7fd7b50c.jpg
age: 1600465
edge-cache-tag: 463669085872636427271271754656548274404,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 463669085872636427271271754656548274404,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 306
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tichyseinblick.de/daili-es-sentials/scholz-krafft-hess-plakat/?fbclid=IwAR3iG0hiL4d27EH8C_z5V8JYJj2fs1djJT7GXS6f1edxfXLU1KSQxbjCY_0
content-length: 83066
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200090-IAD, cache-iad-kjyo7100056-IAD, cache-iad-kiad7000110-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 01 Aug 2023 07:02:27 GMT
server: nginx
x-timer: S1693427230.679834,VS0,VE1
etag: "1071ab0326eaa8f510451a3e30ac613c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 18, 5

GET
H2 200 css
fonts.googleapis.com/ Frame 1BBB 6 KB
779 B 28ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=3549011610&pi=t.ma~as.1261171629&w=300&lmt=1693420028&format=300x250&url=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&wgl=1&dt=1693427227510&bpp=1&bdt=700&idt=1001&shv=r20230829&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8514014216088&frm=20&pv=1&ga_vid=1504099132.1693427227&ga_sid=1693427228&ga_hid=1310672055&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=975&ady=327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077324%2C31077372&oid=2&pvsid=1277819846769102&tmod=456507242&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6NUtT9qzf8&p=http%3A//ultrasurfing.com&dtd=1008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 19:01:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 1BBB 2 KB
892 B 20ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame 1BBB 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 1BBB 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 1BBB 20 KB
8 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BBB 181 KB
56 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:09 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 1BBB 36 KB
15 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 257601af3aa2662cf5fcbf4e7904d7f7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 14ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/257601af3aa2662cf5fcbf4e7904d7f7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2804b522a25c65e8d2907c2611d13b44af7266525e8b3f291ca04d655bb7b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/257601af3aa2662cf5fcbf4e7904d7f7.jpg
age: 446565
edge-cache-tag: 325820447602185906886401445746953671241,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 325820447602185906886401445746953671241,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 324
req-referer: https://tvmag.lefigaro.fr/programme-tv/people/obseques-de-gerard-leclerc-les-premieres-images-du-cortege-20230824
content-length: 6010
x-request-id: 442ec936542d2ad2ed8a20b01e86b108
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200126-IAD, cache-sna10744-LGB, cache-iad-kjyo7100176-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 25 Aug 2023 12:05:17 GMT
server: nginx
x-timer: S1693427230.696146,VS0,VE1
etag: "9bac6361719dea457b6d4742659b81e8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
9 KB 15ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 801e40ebea53d1df257fd8917c03e7dc915e6bcdc51fb4d4a4362687b16b4abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 1027705
edge-cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 745
req-referer: https://www.foxsports.com/
content-length: 8822
x-request-id: ace1166fe0f8ab9e198af54abc324b5c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100113-IAD, cache-sna10726-LGB, cache-iad-kiad7000136-IAD, cache-fra-eddf8230023-FRA
last-modified: Sun, 13 Aug 2023 13:13:55 GMT
server: nginx
x-timer: S1693427230.696454,VS0,VE1
etag: "c64de5afe6c88990dc4e3d4d7d879f65"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5333, 1

GET
H2 200 7c3d40173f505e33f6e84cff67ed96ea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 14ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c3d40173f505e33f6e84cff67ed96ea.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6929bbe411ea16e17cac6b34da944610a1cb34353c4244a36a3dcaf468728a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c3d40173f505e33f6e84cff67ed96ea.jpg
age: 2563428
edge-cache-tag: 419436037701189592831284709431285966254,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 419436037701189592831284709431285966254,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 137
expiration: expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cbsnews.com/
content-length: 25716
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000131-IAD, cache-iad-kcgs7200026-IAD, cache-sna10721-LGB, cache-iad-kiad7000052-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 24 Jul 2023 07:35:49 GMT
server: nginx
x-timer: S1693427230.696053,VS0,VE2
etag: "ecac314d95ba4464daa9da00ca7f7c98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 1

GET
H2 200 2f6c8adc536d8a8db5ff2c88814caf26.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 15ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f6c8adc536d8a8db5ff2c88814caf26.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3687ad35bebbe9b7c32c51f353237548ad315007e7c768b2f228aa69b1d010f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f6c8adc536d8a8db5ff2c88814caf26.jpg
age: 2008329
edge-cache-tag: 582952071041832141257199039548830661644,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 582952071041832141257199039548830661644,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 181
expiration: expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/faits-divers/marseille-repeche-a-14-metres-de-profondeur-dans-une-calanque-un-touriste-belge-dans-un-etat-critique-20230806
content-length: 13708
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000030-IAD, cache-iad-kcgs7200107-IAD, cache-lga21942-LGA, cache-iad-kiad7000149-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 12 Jul 2023 09:46:41 GMT
server: nginx
x-timer: S1693427230.696051,VS0,VE2
etag: "084c42f5c2099a17a43ca83bf17aeac9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 102, 1

GET
H2 200 1415851840__QBihsYZB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 10 KB
11 KB 12ms
6ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1415851840__QBihsYZB.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f1c67e7c40b66ef81095f85a73d651579bb15ba775b5b76f9e76a801b0d6f70a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1415851840__QBihsYZB.jpg
age: 1072572
edge-cache-tag: 320805463909537930582250915514279277279,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 320805463909537930582250915514279277279,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 242
expiration: expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://herz-fuer-tiere.de/
content-length: 10344
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kiad7000066-IAD, cache-bur-kbur8200021-BUR, cache-iad-kiad7000172-IAD, cache-fra-eddf8230023-FRA
last-modified: Sat, 22 Jul 2023 19:44:38 GMT
server: nginx
x-timer: S1693427230.696040,VS0,VE1
etag: "b375c44cc35926ca8741934dca7f6cf6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 6, 1

GET
H2 200 Fliesen.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/ 76 KB
77 KB 17ms
12ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 138e31d25e30bcde8106c3c00336df7bf2e02ff4e7465c03d2007bc6800cd610

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
age: 2108928
edge-cache-tag: 624237704448984462090471028767463012506,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624237704448984462090471028767463012506,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 207
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://cdn.taboola.com/
content-length: 77560
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000143-IAD, cache-iad-kcgs7200162-IAD, cache-sna10733-LGB, cache-iad-kjyo7100117-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 17 Jul 2023 02:39:13 GMT
server: nginx
x-timer: S1693427230.700988,VS0,VE2
etag: "f3478fa97c2e81b66d470a944e9686c4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 2492, 1

GET
H2 200 ddbcbc5380b81cf5663f4bdefad0835b.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_78/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
40 KB 14ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_78/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddbcbc5380b81cf5663f4bdefad0835b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d543eaa7132025303bca4abd20adaf5c23b12d978e3dc3ea8e13b7bc9af9b544

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_78/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddbcbc5380b81cf5663f4bdefad0835b.jpg
age: 222476
edge-cache-tag: 482555741567272315985211667760937839420,311797328257522404772826741321388230312,29ecf9b93bbf306179626feeda1fab70
cache-tag: 482555741567272315985211667760937839420,311797328257522404772826741321388230312,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 842
req-referer: https://ads.taboola.com/
content-length: 40504
x-request-id: dc67bef487dfd72d863869601fa00180
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100135-IAD, cache-iad-kiad7000091-IAD, cache-iad-kiad7000172-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 28 Aug 2023 06:39:13 GMT
server: nginx
x-timer: S1693427230.714159,VS0,VE0
etag: "1e3c18f7ee8158c2f56281a65cd8686b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3

GET
H2 200 7b766fd7142f6211b31cf324e28f5b2c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 17ms
11ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b766fd7142f6211b31cf324e28f5b2c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1424cde52646c5adabd24e661a983586e0cd022f2ac35e40079f94a61c83f13c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b766fd7142f6211b31cf324e28f5b2c.jpg
age: 60878
edge-cache-tag: 492768044617870479763640515260381789401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492768044617870479763640515260381789401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 607
expiration: expiry-date="Tue, 12 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://home.ultrasurfing.com/
content-length: 8266
x-backend-name: LA_nlb202
x-served-by: cache-iad-kjyo7100031-IAD, cache-iad-kjyo7100034-IAD, cache-sna10736-LGB, cache-iad-kiad7000083-IAD, cache-fra-eddf8230023-FRA
last-modified: Sat, 12 Aug 2023 19:00:29 GMT
server: nginx
x-timer: S1693427230.714472,VS0,VE2
etag: "70ba23672ec7edc44a27faf7bb1bb4e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 323bdc54cb6a771afd6be5c0a211af50.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 23ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/323bdc54cb6a771afd6be5c0a211af50.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: baccaefe0e5b3ac7623309c683e8ef1b7dd95c99fe756891cbb2aa872b5e716d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/323bdc54cb6a771afd6be5c0a211af50.jpg
age: 118783
edge-cache-tag: 521286159796384471853118907352662767973,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 521286159796384471853118907352662767973,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 131
req-referer: https://www.saechsische.de/
content-length: 11726
x-request-id: 96bf8cf568f964fb8a30b5fdcfd24334
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kjyo7100107-IAD, cache-lga21978-LGA, cache-iad-kcgs7200127-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 29 Aug 2023 10:07:16 GMT
server: nginx
x-timer: S1693427230.717044,VS0,VE2
etag: "0954caf9d13e73cc7c272410b9777166"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 0, 1

GET
H2 200 35bf6ed2abd3287515281cdad2be96b5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 16ms
11ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35bf6ed2abd3287515281cdad2be96b5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4ad56da3141d980e5d753c2920270b98d8650051734ca3d453e5703f91201fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35bf6ed2abd3287515281cdad2be96b5.jpg
age: 1945940
edge-cache-tag: 355389184806496353075565597072485084947,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 355389184806496353075565597072485084947,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 251
expiration: expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ksta.de/
content-length: 19798
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000100-IAD, cache-iad-kiad7000033-IAD, cache-sna10720-LGB, cache-iad-kiad7000164-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 24 Jul 2023 06:26:03 GMT
server: nginx
x-timer: S1693427230.715417,VS0,VE2
etag: "8ba1d50fd3c3c8e5741ba5a276245597"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8, 1, 18, 1

GET
H2 200 6057dce7-2c8a-49b7-b4d5-6771ca28a135__favNNocO.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 9 KB
9 KB 13ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6057dce7-2c8a-49b7-b4d5-6771ca28a135__favNNocO.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b5d350f36eb48c50916b00bba9e9a43eef7069a8d3cc4ced1442286a2f74d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6057dce7-2c8a-49b7-b4d5-6771ca28a135__favNNocO.jpg
age: 1602435
edge-cache-tag: 362293894010395699815080959256481551974,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag: 362293894010395699815080959256481551974,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 91
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 8768
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100136-IAD, cache-iad-kjyo7100162-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 01 Aug 2023 23:45:30 GMT
server: nginx
x-timer: S1693427230.715223,VS0,VE0
etag: "48c37621662d92b4919adb0e8625ee0e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 138, 2

GET
H2 200 454fe0bc-9033-4fec-ae8f-609cb3c2e267__8ZOFZnsp.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 42 KB
43 KB 17ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/454fe0bc-9033-4fec-ae8f-609cb3c2e267__8ZOFZnsp.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8242ba0aa2a17ea915e40ee13bf6624a431603866a6487fc529842ce5ae52547

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/454fe0bc-9033-4fec-ae8f-609cb3c2e267__8ZOFZnsp.jpg
age: 14296
edge-cache-tag: 329774828928987521866196796266413219304,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag: 329774828928987521866196796266413219304,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 607
req-referer: https://www.plantopedia.de/
content-length: 43164
x-request-id: 90e959fb31c53ac8d3b874d4fd27b51e
x-backend-name: US_nlb104
x-served-by: cache-iad-kcgs7200038-IAD, cache-iad-kjyo7100113-IAD, cache-lga21973-LGA, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 16:19:08 GMT
server: nginx
x-timer: S1693427230.717821,VS0,VE2
etag: "a471f49ecc2c6170555b373edaf6ccba"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 5fe8c7c246d40a52982868f2d0b7b158.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 19ms
11ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fe8c7c246d40a52982868f2d0b7b158.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f2bcfeeeebcddc92338e4d5a0989ce5599e70bbf5962a6003ca9beeacdd7bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fe8c7c246d40a52982868f2d0b7b158.jpeg
age: 3148034
edge-cache-tag: 499079568401766426395321328897897487717,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 499079568401766426395321328897897487717,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 222
expiration: expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://cashroadster.com/
content-length: 36768
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200037-IAD, cache-iad-kiad7000156-IAD, cache-lga21928-LGA, cache-iad-kjyo7100084-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 03 Jul 2023 13:24:45 GMT
server: nginx
x-timer: S1693427230.739725,VS0,VE4
etag: "135908294ee9501fb929e8661505f208"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 50, 1

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ 276 B
686 B 21ms
19ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

df71571f500ba2b4ed40627f344010642ba303445063820589524f0feb682b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Wed, 30 Aug 2023 20:27:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 f158aeb52263aef0805f4b5abaecfcbc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 18ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8052a475f6987065464a04532383bf28305e2917a7f5297f8cd12cf7415fa03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
age: 2012675
edge-cache-tag: 390508218841952208715543860247050564844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390508218841952208715543860247050564844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 213
req-referer: https://www.rheinmainverlag.de/
content-length: 8054
x-request-id: 7382fbd0bcab0d2f8b87c15f87faf564
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kjyo7100158-IAD, cache-lax10666-LGB, cache-iad-kcgs7200134-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 14:58:01 GMT
server: nginx
x-timer: S1693427230.739722,VS0,VE2
etag: "807f355d795b459bb2e7c11fa5620adb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 3, 1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF54 0
20 B 116ms
112ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5247577462446&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF54 0
20 B 118ms
115ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5247577462446&version=m202307240101&ct=76&x=8&cor=3263877172216158000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF54 92 KB
38 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxOMGN4oOy3zv5UmZKDAXrQZ_zCkNmWQq2lNfTgVOcYRmqAb6Pq7vOJMqLu5R69cpb-VF3mGtdc4z6hGGWSxqybteAYhdn4m1uhjhthyIwoPBX8Fg0QLuO5VMNYfksDUP_Ik0yuM5nnh_Iz71cunFZXysSkyR5h9byPodmbWNYWz9aEFs&dbm_d=AKAmf-BVY-_jZ-P1a31cUuFMBXE9LIMQGB1avFgV2QQ4qXX8mtngl8E5S7_Ntgzai-08SxTnTMPDzYC3rLTNVeYetlAPRboE7mdtGt230GsYwz26fHqnm5jbWDMzqJUgl-Qin-qPUrSGg0Xvq6Ep9gih1bEihS-xKlK6YjsMIvk-ldWPh5p0nRhoaQzZFk0Xa4Q1F1-0L0xiSc6pNlfbt72cs0iqIOV7qKkiRVSq9fqlqLWfUgmTxog8KC6W4OXwCMRmSR6ThzeByt15UrfpgLFHRauDu2STc6uLKwzAVksPKaZsD9HZLXVaZ77GmbnzcGBnNsvcYqg3GFqMbGPmEXN9UfU2TtGuER-YV2qY8Yw-LU378pJOmXBrQzz4ymvbRfBKtCmV-wVG7NySE4ieUkN-ElX_D-STKzH6zWXuKoiBhslY6_khbkyJbM4DO-j2Heowda9epgtJxj0VRRW64IAs7jWU6uB2IdZbFHYWlcZ6dp6RlgFdhquPdDTvto-_UQsyQ7vmFbHAR40WmMqHLcrZnN7GvgjV3-rfCUrSIG99e2vypgSQ8_-3kqIRIP6WiMFJly-JI57kcRGYx9kTYVhuivgP-604OwU2ATi5tcSrY0jyziXVKRD4-iQGsCGOqN3fZHu5DgZtx9oMUcSjZ-trNnMv1kT0pPNr2Wf-J27ReyVjugxOBV2PqT8WZwtjsfE4NRqNY2RrlDs2FSiVquwdcXYxGTS9s7RCdRhpjTiS-XlEBEhJBDTlJpiScJUJFZAnx8vCFCUw1Z7qPGQBAD_QmmrPUnRnt5yof2OVmKJ1GX8k-5J48luC9lOb4GyDkpweUmITX7uFDb4cbP0dqeEldCCAtjitWnxdg5Y0VokD7tuKgLaBfvbvodfFG7sMLcmBkQBlswR7YuC_TNzOFbT09mhZHHla8lCzhLxGoU4pskpVnC_BDXRfAPUgBOzUwwKMtZyhprIyvFvhWJdsaQFkjsMn-VWw8q1n3rGtchKBvsWU29SrF1onk9C8CXbT1VUHlLliZvYRfADhMs31VIMnXgOXG6gM_Nm1aNIEDSjiEHSsmWFU3bn06A0ni41nHAk-uMhlo0VvxxqwzMlXBwsWjfySNEEENMZJMNml8A5Qckw3T6lre-bmab9r6_tu9TLDgdLm9Fu0ibBC4ml-nkZlRmxa7hnVfYvGGkWxk2jaOsY2nPtiPKIPWSRDl6yuMyD5mNaBCHRyJVIYkWUvpXS-EFAEOiekAkqnpzLqXesso5vmob4SxquZqvTHUqbW7VgxPdn_bg8QgioxdV3kMwlIfVPiLHDjyoIfxbCZgAdDYVvI1YaGa8xoKL4oBp8dmzOCq4CRSYgluGnIQgwRDMaqABaxpP0rIR7SFrQQFbhSDRqcLmFjBHjw2hzxDLWULOIZnr6Co6n8r3RBkN6Ii82-0zJkn2ojtJyGvDxElTGaEy6iCGEKasCdQDZZH51m6PUxIbkPIuwZXliALJi1nrgTIwazJf9H5xHPZu-0-cbgFI4vbIPYQT0Wt3iJmqmUZUL3bv041-NVI_FWtVnL2Ih8zXiF7t97E8ZeszHfJIMzMAzHZHnph04p9BlNv05IGIdFjeLKqG1ZP32OBbdcT2DqSlAXjLM8g2gzuP2lV_7g5tmjmMaW0gF8oWF4xOaE1iYoh7TWjGNcnL7wb3_JJdDIC5H4iCNI4y1IsVo5i5BtS351SKBmBtaHKqu58p7mFE0TVU68lvog8N2cm_qhtLtyMySFJZj7vFW_xGszeArmC4yS3D1Lr2o7EdBsljkeGABSQX4LeaUyB4PB97p0qzKp4zYMZjsBDefOE7Zr8A401ZyA2gJSQk6j1SWU8-ya8o878mxs2dteu9HUTmcqs3YppIH62hG5DQVXrMAe2zcUIqbqKXwXkY_3n98wLBLH-DPV_dxNh5vFH30g9jYVTxtVTR9cRe9WyA_Npzq_RjlryeEH45gc595gMlzGgv8eghkkjai4Ujcv6nXr1yA39-sSzm7mD63KHjyT4BcAzRdfaz8cFyTiiKT0v1CO8fR1RobM_n2mFDgCudLG2X3np9XP6EwW4rSDchr_NxetFx4Y5XFPWa5Eqrzq4ErpUu0bz6fQwucPot05yqr9AbRGJ3VF4_rq3kSsGCKKZHnvEDmbAwwgQNCuvdPIHeH-R3bNoTsvSVAJWXFo8poYMD4B4Aux30Sdn_tE1yWcvCQ77m9OfsYBdNQIxDdmTgONNi8wzQob5AKZvbWQ8qE8OQX5qY7tNQowmFDoq9YifhKQTU43Pb0sVEokfks_tQVG0tv31jFNsSEhkcQeN8A6ybO9Gfz6BGwT6n3jmBxOvj_lzcKCqi1DCdPiS68s8gZhFUw8l7no8-9FRqG8ygNnhpIXq3lSYyIXwWJ5fLircNkLDyMfO4g1QFjEAHhtVifMgOJmCwZlC-ONVe8xiLnrKHDWD9p4HD9CQ1N1MOlgCywl1K8IGfsHNe7QLnmi1iWBj8oAACa_CGkhetZ-SO5a_l10Kei-d4WtnDG5Y9AJP31tIZQ90744FVgSropfEY9g_Ydg2YqkwVsKb_7Ij_xtxWKJScZwh_27XpnBCMmXLXw9IgB_XcT42h17TmZH11zDAA_7G1zDR5HuKilt3i1Ts_JuK7s0TrHP5sAiZKB07iR67KIO5myZmV80D64gh2BpBv0R1hvnHjF2woTizD6U2N10yztoOBmLTOJCUHocPde6tbR8HZ3rC6xzFiQ_CAMof3WXJavPER78AthH8nL8fiy7XiI834mhI3l7d8-ZyN81jRqwXBAEH76iOABl9zrdEGac83-NPBX5VFkNUO2R_2qrGchrCTHZRsHT1QD_4-XKNKyu981a8ga9_TwudGuUkf_KDFul9zOQvfqVpE5qfQzdtTb6SgMD6XAEW74TNktBiXT1a07ubNlp7Wkbq1gP8T4FF6rr7RjNSm2cVKZs76dF3xu7qu8l2GWKj44HVpx4dH-_6XvrGwEBPUoEa6L54JMxBIxvW5GFASp5Ftqdzs1MAUUpVA5oFHFqFYKEe5mtxWD44G5pr_TQ2kcgkuA-EbbDhZoD-QGJ7MqQLwPWgi9PZC24ItT3AJVXXQjOXybiwUe3CKc4rlHhUmmYFCnfTw4vQ9f089pjf0O1JRbXKI7bjhl5AIJ2d8Tb_XzcO2IEMg6WHW4xL01mZQWk5OtWmtxAkZME5emFX5lHYE6K_W3h_Tn8iEntxl3_6mmUPxl0SBhVgqBCPm0_OxVQmZ4Voz4rYLViFC9fsJuf2k3r6VnL4oUFe-YinmPhXe-LUAuwXWoIQfWdml9adZj9pUzyq4oxI4_m4huCdJ6r4f8kT2HNucP3Rmjswr_geI9Jz8m29KB70AZEe0DxU2ExLAS6_LZL2uErKfznyNsFxZn7WEy5emEMjkTWSJRO_eT5l-fgp4KkaxkeK0NT6x96XJ_1TmnnsPsLIzREj00TwxzUSXl67CPENjgkmXd2SB3Gafa2wVrWQDexYN-Sm1tQR5nwdtOSKnbGcxDlAJekR7tmgrAqFEZSyPXQhriQEtgr5J1RIgydEL5cQp-0m5uxU_0-j5wfnBKZhb7o8UnQ&pr=8%3A94B9E5E450E3E031&cid=CAQSMgBpAlJWirHWGp1IkK_QLq23eZd4BJU6On_Iv6dJgjK54U3Qakf2mEJJ8Gi_kXikxV7OGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ds=l&xdt=0&iif=1&cor=3263877172216158000&adk=4144141728&idt=151&cac=0&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58865ad4456470b7b3bf6ecc5b31936d2781e7de94182870d5dd257cb820c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38719
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A58 0
20 B 140ms
139ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9642617563719&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A58 0
20 B 141ms
140ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9642617563719&version=m202307240101&ct=76&x=8&cor=2258101414342114300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5A58 91 KB
38 KB 73ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxvWN1oH295yMiUX8YlpArSEeRm7KHHa7g8JiONxyJgdJ3jWu85h9xrtVelZ7J7sl0Z3Ir1ui0jiZt5_3LhFEye67Ms_wRJ4lYNFt5Yt8dBdSTkN57-aH21E6Z2MkdOZrWCEuE4e6BTwPDuy2ZxnhNDpoY9moTttQMuPeFSongnsQSjPo&dbm_d=AKAmf-BLxBHmSNSlNlkbo_SmzSSqj_LJJrSwWtXKoiLCjmJkpMTLJQaDc_cpoDqVgw6xM317w6eRRg3ZZWSbPvKkGhjSSM7gATGIKr9hjotQnAMwvRNUBZDhI-oqFgCmPmwVPUF2YzDgFzQI7hWLBrR3IsB2qAy_Q8slcMhWZKt6vbma1GTjQ_pG9iOsQXjT50QyW6PAgOu6OX5d_95GiMd9vWiKSWLPghaEem-CKsDwPzTWvkvBYJJYOb9WYFIRk8ZOlT1uNVIpnCLb4iVEPMhyFCf_oDiaqeWt5-jkLFWHHbF5y8aPnJfA7DlkSsMwfnqfuibkUICXJ5vqCa3KXJDjP0CPvs6zu1opVt_jDwabQ7ul0qwlggMbyssF-VlrNgUADdGepKdmX5zy-Zeml4Je_0Tq0oTBuE8MxzyQxiFzk0qpmEKnvlcMeNp7RxCY5wDdxl2TPvEO6_On5sYyyGSQYHpjTcmyPRZPL2aC5x2QEhPfsq3E0CN0uSieeemX8I3U5Yv-dvuuEc4fUlxbpY4kvMfythQYGdkkNto774sVFIWwEQhIUF5IJ-1jVNU_rZldXTWyNmfrRqmk1Tv6pyB6A3zBTQXHeQu3jaSloWIeze4YfEGRVrlRhqjlgJV5jS9HGLh-srO3dCGwc1m8DfAtsCWViN5cah7rrmXrMATSEBWlZ9N-vh8pFsQUBEBPQb9Uu43gmjqbScgRBV4XCYY-_IDQ_-jK44VGadWvJdRCskPq_P2eQohIesJqUAIzMdc-86OZzWaCNCZZaOwvQVeKFs1DEFWzOhtXUMXvFZeyBTT2W8kQlryoq68WsHTbP5LZc0IjRNe8EamNAx6vAPU0aE43ZGS68cijt2_JF0fu2QOzonFHVtGPAFG1Y0sfFgQ4ujF126sUdvMZBCLTF_tApAgIS2J3cKGruivGe-ARliY3GlZ2hqU--kudjccj58RMopzYS3Z1dT7MX2fLJO_zdccV3FL03_MjJx7IvxQf9HtJcaYZHe9EvMHaWS7HizpIVOcquu_oMSohS-jPsHKGT3qgPdvD0HagtwCrpYjNV0R2KEcBheL4nE_vfdrbBbwyCiQEsUKIP67aWStFDwyPqeby8ACyV580WRBingtd0uSnKYYQWeEcwH1Dyj7-7jsLJ7jPzd-eKPUoUDRM5hovNS4SwSS-WePBXXN8-DCVIIR_LyeBxvaoubj4yMj9reHq1pJh3zEGD30GUXxBnX11MezXQMlPwwCQkfCQuDevMsVMqlHIusWb_8uP0uEvOz5jNV8Grcjx5Oq5PdXLpwEN3oA_Eu-eG8iE05ZB-xc_Qo5FYNw4bs51m4mh-XyNg-0tdy44V7e6Hv7ed4G-gQA3SWn9-HY7WQybXgnQm8mM5X92OpXpN3UHBWKwWTv05wje50Y2U4GWcWS-s5mNSkXYx3ahdXoieKmB_pKNKgoTLoAVdnFDFJmLlugEYI_ijZjLutmGiBLnsbJaBI2sAUIXW-GugIu0n1PvcMS3rLCk_fLTDH0p-eWIYe3dSRav8kuuTaN2K14fmAEFyqtv4xc9UID1H8yp9oF1sZNNjaWvDG3gpplD0jpWJH8ArqY0kN4b-DEyOMQ3GrsCn2WdR4pW3T8kDfiQDDTFBzPN9En06jfjLnkoD286uU8CkWj7gQfCoKXbYrTapxCWZ40UN42Ov7DV3CcHe529ygyBSG4cMnqLgBk0Sh4r6-lvy5Btr6u0UyCTIvysLfxD1mrEZ_achm4qjK6xdbjv6QAHlldUgxNkF6hj6pWDBRdDWY4aV8TL4b78D_HxfEQ2cq91cCDXnHGH0Eq1yyu4l8DUpnS6dnsAV7uc7_C-jmR8-EOww8u0FF_WM2Q7p6RHw7QWb5amZdDrOhr-Z_SCVY-cXuCJabMOQhvFZNbI71925veK1MjjX-bhxFpVsG8YA6Q1bKiPGLmTVLq6KAt-5wjlqbzjAz5WvgyX5NIU9KDqna_cpT_cVIoXyZQCYTDHrMVOG1mYtBN_x0l_II5c8Id6DfrdMFdSjxJLGhiscGL0N_rpkDN3DLZd34x1A1cmuRxPpAViZ0bUaOMazIilF0Gkby96MA0q9e9eGrgbqLMDmk0y43n_C9L6sHwIoz9239WXJqM_0E0Z7lcA6oTqfXQqrbqcVVR_Ev24G6c_EDfEmaw3BmI1_-EmUs6zWpmn05W3EIAj542L2HB9qFOIAc5Eb_z0by-MFPZt0D7vYlNXGqr1Vtma9Zb6bZqF3uVeSDORNw2oxr0fKcin26VxeYSJ3j5Fsvs-TZqyPy-Op6Rv-EKWjW4ZbBdxsy146ayEvFLdskDA2P7VwhrKXZwAKVqXJ8te4iDru9UqN1ZUTe31ejPn4mKXFzxk5_MrcX4RZvkbQpJeswCIEM8yAXfps6rwv7e8HvtH3Dz2upxzZW6XVIkSqxFlQ0ZtI2U7hITBE_n_ailKqSdllb4YJ0LNuvQjWVjaiPRSbUGhKOvwWyx377wrJ3cHkEmFt4_OJQWaJjRhn6TdHAFVJp1F2Whgv5KkwV0cIhld2RY5k_0nI5ip1v_fcgHi8xexLCOqS1zpF8ZLhz2TpE0F3me-tF-wShsatjYXF3m1BP822cMawuc1f0WfRRutMTxLU25LFFejBFWbf0OqljNBH4oN0D6mHPaa4n-No64fTkek_W1s22n3r-WzEkVGgPO_r2XDTuw8REVdNZKcQBIrWtqi9cThgC-hVogtdBAgNo12HVDNqXCA0Gh5A77Nm3uWOInenckxTK3s4aMcK6ay-lVoN6pakz9tdMKfZZy_Q4E5NFJRrqFICwHDw_OdFpRGXCtK7kNiB2IPSlLzFrxFxwwb8Gl9UHIVZDo2t34A5VGN7hS75Th9o8CqA0hVTb1eV5yC1j_oxZEfH6aP8C4MM_cL-OlA9gF2uLQa6GAZG0kMwjKxwkB0xnU7uMFkll-pMiRIrYePZX-aYlBZegO7Ckdg3f0W-pinwAS6MAtmVNTCf-FQnQJz82Iit8HNyXaU5JKpaRShGGbxRX0dWrvqpscsx4eLlS1juaCgpIu18dFtwH6qJmabfjIM_utnRhSvIXIEWNRXLZGsev_J4meQnmj865ZgBXz5AYqAOK3Dm17RzZJzyiPlwnE853IWyRMEPMJHeU9OWc1XF0pB48e08BwNLuM1VlpBAU_4fBd3XHCyxrfmDvrnYLnYDANSy7MTlA3NvFjrhZH0CughDIcNo80eUdh5MVapsoerfFbjOEouRHA9Bf0nBnHsSAeMTWizH9Af3YgoU4nwxZeB2hneHXUh9ypZcLxkfTNyNsJ0vTLBWk-O8qXr4HKWFcRs9hXNspabhn1Jz3cDqKBSEIbz9-trBszwzJXYvQ5t8t0XqsbeEG0mDSlTo3Zg1donYD7XZv1zGnLMeFz86_JfQaQn8qhXXdjTzs-5Mi0Gtf08DU4NXEez04Tpgku4DA9QHGOxwYCZAjDJlIM05FK7YDot0NizbHEMriZllQ5yzbWsUrUdRcaGFyVBH-5DQMppdXX_gLeJ2t8bURPYKfAVjzsWS_U7BrP22faqhaef0RX4dO0uRuX_Mpp3JULwQ99yvP-yyEAZ&pr=8%3A3A82E4A87ADAF56B&cid=CAQSMgBpAlJWShi0ZfGowvSsB-YEYqnhDsqAiVHR4Q2wFpJJYhn7-Vvuhpe8oIr0Btc23qKKGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ds=l&xdt=0&iif=1&cor=2258101414342114300&adk=2463653847&idt=215&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4b85f7490fcc3d9049fd04a57cdaaf0202a0846ae37c45f27bdd4f8b12c1e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0E5D 70 B
265 B 172ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=undefined&cb=1693427229535&uv=3322&tms=1693427229535&abt=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=51698f32-a97b-43eb-9a0c-2748bda78255&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0E5D 43 B
426 B 174ms
44ms Image
image/gif 2a05:d018:d29:3605:f821:c088:dfda:b5f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=undefined&cb=1693427229535&uv=3322&tms=1693427229535&abt=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=51698f32-a97b-43eb-9a0c-2748bda78255&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f821:c088:dfda:b5f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0D2F 70 B
264 B 160ms
43ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0D2F 43 B
425 B 173ms
57ms Image
image/gif 2a05:d018:d29:3605:f821:c088:dfda:b5f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f821:c088:dfda:b5f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 0D2F 43 B
146 B 100ms
10ms Image
image/gif 18.159.70.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.70.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-70-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
73 B 33ms
32ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?tvi2=12316&route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 18
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7370
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
server: nginx
x-timer: S1693427230.971042,VS0,VE18
content-type: image/gif
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 154 KB
52 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9a4ea91cb3898eac37d38cbb0b15a9e347422b245e68008c8f29af3eec2e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53640
x-xss-protection: 0
server: cafe
etag: 6481718504542982019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:10 GMT

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
346 B 17ms
16ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=12316&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7505
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
server: nginx
x-timer: S1693427230.978524,VS0,VE9
content-type: image/gif
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
63 B 17ms
17ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=12316&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 30 Aug 2023 20:27:09 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7678
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
server: nginx
x-timer: S1693427230.981586,VS0,VE9
content-type: image/gif
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14841624141432236731/ Frame 1BBB 31 KB
31 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14841624141432236731/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1eb77383fab9b45bb95a5289a2d0134372a09dd20647d5a2e25e88d1cdb2087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:56:54 GMT
x-content-type-options: nosniff
age: 397815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32057
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 02:43:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 05:56:54 GMT

GET
DATA 200
OK truncated
/ Frame 1BBB 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0315833d2639cb577802d0f0e001e59e46b1460eb43be72202dd29f11ae4d93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d93162cf1cacddecf90e5e9e7fd7b50c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 016a592f00170a77e5037f43bf391a6f1b15913934f618e17cdcdd644b8853b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d93162cf1cacddecf90e5e9e7fd7b50c.jpg
age: 1600465
edge-cache-tag: 463669085872636427271271754656548274404,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 463669085872636427271271754656548274404,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 306
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tichyseinblick.de/daili-es-sentials/scholz-krafft-hess-plakat/?fbclid=IwAR3iG0hiL4d27EH8C_z5V8JYJj2fs1djJT7GXS6f1edxfXLU1KSQxbjCY_0
content-length: 83066
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200090-IAD, cache-iad-kjyo7100056-IAD, cache-iad-kiad7000110-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 01 Aug 2023 07:02:27 GMT
server: nginx
x-timer: S1693427230.075246,VS0,VE0
etag: "1071ab0326eaa8f510451a3e30ac613c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 18, 6

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 80BB 0
0 131ms
112ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230829&jk=1277819846769102&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F329 281 B
554 B 125ms
13ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=undefined&cb=1693427229535&uv=3322&tms=1693427229535&abt=nonrv_vA!smbs!ufm_vD!ul3328_vB!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=51698f32-a97b-43eb-9a0c-2748bda78255&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 20:27:10 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/257601af3aa2662cf5fcbf4e7904d7f7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2804b522a25c65e8d2907c2611d13b44af7266525e8b3f291ca04d655bb7b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/257601af3aa2662cf5fcbf4e7904d7f7.jpg
age: 446565
edge-cache-tag: 325820447602185906886401445746953671241,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 325820447602185906886401445746953671241,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 324
req-referer: https://tvmag.lefigaro.fr/programme-tv/people/obseques-de-gerard-leclerc-les-premieres-images-du-cortege-20230824
content-length: 6010
x-request-id: 442ec936542d2ad2ed8a20b01e86b108
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200126-IAD, cache-sna10744-LGB, cache-iad-kjyo7100176-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 25 Aug 2023 12:05:17 GMT
server: nginx
x-timer: S1693427230.075189,VS0,VE0
etag: "9bac6361719dea457b6d4742659b81e8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 801e40ebea53d1df257fd8917c03e7dc915e6bcdc51fb4d4a4362687b16b4abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 1027705
edge-cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 745
req-referer: https://www.foxsports.com/
content-length: 8822
x-request-id: ace1166fe0f8ab9e198af54abc324b5c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100113-IAD, cache-sna10726-LGB, cache-iad-kiad7000136-IAD, cache-fra-eddf8230023-FRA
last-modified: Sun, 13 Aug 2023 13:13:55 GMT
server: nginx
x-timer: S1693427230.076244,VS0,VE0
etag: "c64de5afe6c88990dc4e3d4d7d879f65"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5333, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c3d40173f505e33f6e84cff67ed96ea.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6929bbe411ea16e17cac6b34da944610a1cb34353c4244a36a3dcaf468728a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c3d40173f505e33f6e84cff67ed96ea.jpg
age: 2563428
edge-cache-tag: 419436037701189592831284709431285966254,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 419436037701189592831284709431285966254,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 137
expiration: expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cbsnews.com/
content-length: 25716
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000131-IAD, cache-iad-kcgs7200026-IAD, cache-sna10721-LGB, cache-iad-kiad7000052-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 24 Jul 2023 07:35:49 GMT
server: nginx
x-timer: S1693427230.075726,VS0,VE0
etag: "ecac314d95ba4464daa9da00ca7f7c98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f6c8adc536d8a8db5ff2c88814caf26.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3687ad35bebbe9b7c32c51f353237548ad315007e7c768b2f228aa69b1d010f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f6c8adc536d8a8db5ff2c88814caf26.jpg
age: 2008329
edge-cache-tag: 582952071041832141257199039548830661644,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 582952071041832141257199039548830661644,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 181
expiration: expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/faits-divers/marseille-repeche-a-14-metres-de-profondeur-dans-une-calanque-un-touriste-belge-dans-un-etat-critique-20230806
content-length: 13708
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000030-IAD, cache-iad-kcgs7200107-IAD, cache-lga21942-LGA, cache-iad-kiad7000149-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 12 Jul 2023 09:46:41 GMT
server: nginx
x-timer: S1693427230.076010,VS0,VE0
etag: "084c42f5c2099a17a43ca83bf17aeac9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 102, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1415851840__QBihsYZB.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f1c67e7c40b66ef81095f85a73d651579bb15ba775b5b76f9e76a801b0d6f70a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1415851840__QBihsYZB.jpg
age: 1072572
edge-cache-tag: 320805463909537930582250915514279277279,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 320805463909537930582250915514279277279,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 242
expiration: expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://herz-fuer-tiere.de/
content-length: 10344
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kiad7000066-IAD, cache-bur-kbur8200021-BUR, cache-iad-kiad7000172-IAD, cache-fra-eddf8230023-FRA
last-modified: Sat, 22 Jul 2023 19:44:38 GMT
server: nginx
x-timer: S1693427230.075606,VS0,VE0
etag: "b375c44cc35926ca8741934dca7f6cf6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 6, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 138e31d25e30bcde8106c3c00336df7bf2e02ff4e7465c03d2007bc6800cd610

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
age: 2108928
edge-cache-tag: 624237704448984462090471028767463012506,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624237704448984462090471028767463012506,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 207
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://cdn.taboola.com/
content-length: 77560
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000143-IAD, cache-iad-kcgs7200162-IAD, cache-sna10733-LGB, cache-iad-kjyo7100117-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 17 Jul 2023 02:39:13 GMT
server: nginx
x-timer: S1693427230.099362,VS0,VE0
etag: "f3478fa97c2e81b66d470a944e9686c4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 2492, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_78/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddbcbc5380b81cf5663f4bdefad0835b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d543eaa7132025303bca4abd20adaf5c23b12d978e3dc3ea8e13b7bc9af9b544

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_78/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddbcbc5380b81cf5663f4bdefad0835b.jpg
age: 222476
edge-cache-tag: 482555741567272315985211667760937839420,311797328257522404772826741321388230312,29ecf9b93bbf306179626feeda1fab70
cache-tag: 482555741567272315985211667760937839420,311797328257522404772826741321388230312,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 842
req-referer: https://ads.taboola.com/
content-length: 40504
x-request-id: dc67bef487dfd72d863869601fa00180
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100135-IAD, cache-iad-kiad7000091-IAD, cache-iad-kiad7000172-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 28 Aug 2023 06:39:13 GMT
server: nginx
x-timer: S1693427230.101051,VS0,VE0
etag: "1e3c18f7ee8158c2f56281a65cd8686b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b766fd7142f6211b31cf324e28f5b2c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1424cde52646c5adabd24e661a983586e0cd022f2ac35e40079f94a61c83f13c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b766fd7142f6211b31cf324e28f5b2c.jpg
age: 60878
edge-cache-tag: 492768044617870479763640515260381789401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492768044617870479763640515260381789401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 607
expiration: expiry-date="Tue, 12 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://home.ultrasurfing.com/
content-length: 8266
x-backend-name: LA_nlb202
x-served-by: cache-iad-kjyo7100031-IAD, cache-iad-kjyo7100034-IAD, cache-sna10736-LGB, cache-iad-kiad7000083-IAD, cache-fra-eddf8230023-FRA
last-modified: Sat, 12 Aug 2023 19:00:29 GMT
server: nginx
x-timer: S1693427230.101347,VS0,VE0
etag: "70ba23672ec7edc44a27faf7bb1bb4e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/323bdc54cb6a771afd6be5c0a211af50.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: baccaefe0e5b3ac7623309c683e8ef1b7dd95c99fe756891cbb2aa872b5e716d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/323bdc54cb6a771afd6be5c0a211af50.jpg
age: 118783
edge-cache-tag: 521286159796384471853118907352662767973,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 521286159796384471853118907352662767973,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 131
req-referer: https://www.saechsische.de/
content-length: 11726
x-request-id: 96bf8cf568f964fb8a30b5fdcfd24334
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kjyo7100107-IAD, cache-lga21978-LGA, cache-iad-kcgs7200127-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 29 Aug 2023 10:07:16 GMT
server: nginx
x-timer: S1693427230.101730,VS0,VE0
etag: "0954caf9d13e73cc7c272410b9777166"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35bf6ed2abd3287515281cdad2be96b5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4ad56da3141d980e5d753c2920270b98d8650051734ca3d453e5703f91201fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35bf6ed2abd3287515281cdad2be96b5.jpg
age: 1945940
edge-cache-tag: 355389184806496353075565597072485084947,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 355389184806496353075565597072485084947,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 251
expiration: expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ksta.de/
content-length: 19798
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000100-IAD, cache-iad-kiad7000033-IAD, cache-sna10720-LGB, cache-iad-kiad7000164-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 24 Jul 2023 06:26:03 GMT
server: nginx
x-timer: S1693427230.101744,VS0,VE0
etag: "8ba1d50fd3c3c8e5741ba5a276245597"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8, 1, 18, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6057dce7-2c8a-49b7-b4d5-6771ca28a135__favNNocO.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b5d350f36eb48c50916b00bba9e9a43eef7069a8d3cc4ced1442286a2f74d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6057dce7-2c8a-49b7-b4d5-6771ca28a135__favNNocO.jpg
age: 1602435
edge-cache-tag: 362293894010395699815080959256481551974,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag: 362293894010395699815080959256481551974,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 91
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 8768
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100136-IAD, cache-iad-kjyo7100162-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 01 Aug 2023 23:45:30 GMT
server: nginx
x-timer: S1693427230.101750,VS0,VE0
etag: "48c37621662d92b4919adb0e8625ee0e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 138, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/454fe0bc-9033-4fec-ae8f-609cb3c2e267__8ZOFZnsp.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8242ba0aa2a17ea915e40ee13bf6624a431603866a6487fc529842ce5ae52547

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/454fe0bc-9033-4fec-ae8f-609cb3c2e267__8ZOFZnsp.jpg
age: 14296
edge-cache-tag: 329774828928987521866196796266413219304,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag: 329774828928987521866196796266413219304,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 607
req-referer: https://www.plantopedia.de/
content-length: 43164
x-request-id: 90e959fb31c53ac8d3b874d4fd27b51e
x-backend-name: US_nlb104
x-served-by: cache-iad-kcgs7200038-IAD, cache-iad-kjyo7100113-IAD, cache-lga21973-LGA, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 16:19:08 GMT
server: nginx
x-timer: S1693427230.140139,VS0,VE0
etag: "a471f49ecc2c6170555b373edaf6ccba"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fe8c7c246d40a52982868f2d0b7b158.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f2bcfeeeebcddc92338e4d5a0989ce5599e70bbf5962a6003ca9beeacdd7bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fe8c7c246d40a52982868f2d0b7b158.jpeg
age: 3148034
edge-cache-tag: 499079568401766426395321328897897487717,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 499079568401766426395321328897897487717,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 222
expiration: expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://cashroadster.com/
content-length: 36768
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200037-IAD, cache-iad-kiad7000156-IAD, cache-lga21928-LGA, cache-iad-kjyo7100084-IAD, cache-fra-eddf8230023-FRA
last-modified: Mon, 03 Jul 2023 13:24:45 GMT
server: nginx
x-timer: S1693427230.140167,VS0,VE0
etag: "135908294ee9501fb929e8661505f208"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 50, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8052a475f6987065464a04532383bf28305e2917a7f5297f8cd12cf7415fa03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f158aeb52263aef0805f4b5abaecfcbc.jpg
age: 2012675
edge-cache-tag: 390508218841952208715543860247050564844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390508218841952208715543860247050564844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 213
req-referer: https://www.rheinmainverlag.de/
content-length: 8054
x-request-id: 7382fbd0bcab0d2f8b87c15f87faf564
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kjyo7100158-IAD, cache-lax10666-LGB, cache-iad-kcgs7200134-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 14:58:01 GMT
server: nginx
x-timer: S1693427230.140119,VS0,VE0
etag: "807f355d795b459bb2e7c11fa5620adb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 3, 2

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BF54 111 KB
39 KB 120ms
16ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 10:55:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/elements/html/ Frame BF54 11 KB
4 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxOMGN4oOy3zv5UmZKDAXrQZ_zCkNmWQq2lNfTgVOcYRmqAb6Pq7vOJMqLu5R69cpb-VF3mGtdc4z6hGGWSxqybteAYhdn4m1uhjhthyIwoPBX8Fg0QLuO5VMNYfksDUP_Ik0yuM5nnh_Iz71cunFZXysSkyR5h9byPodmbWNYWz9aEFs&dbm_d=AKAmf-BVY-_jZ-P1a31cUuFMBXE9LIMQGB1avFgV2QQ4qXX8mtngl8E5S7_Ntgzai-08SxTnTMPDzYC3rLTNVeYetlAPRboE7mdtGt230GsYwz26fHqnm5jbWDMzqJUgl-Qin-qPUrSGg0Xvq6Ep9gih1bEihS-xKlK6YjsMIvk-ldWPh5p0nRhoaQzZFk0Xa4Q1F1-0L0xiSc6pNlfbt72cs0iqIOV7qKkiRVSq9fqlqLWfUgmTxog8KC6W4OXwCMRmSR6ThzeByt15UrfpgLFHRauDu2STc6uLKwzAVksPKaZsD9HZLXVaZ77GmbnzcGBnNsvcYqg3GFqMbGPmEXN9UfU2TtGuER-YV2qY8Yw-LU378pJOmXBrQzz4ymvbRfBKtCmV-wVG7NySE4ieUkN-ElX_D-STKzH6zWXuKoiBhslY6_khbkyJbM4DO-j2Heowda9epgtJxj0VRRW64IAs7jWU6uB2IdZbFHYWlcZ6dp6RlgFdhquPdDTvto-_UQsyQ7vmFbHAR40WmMqHLcrZnN7GvgjV3-rfCUrSIG99e2vypgSQ8_-3kqIRIP6WiMFJly-JI57kcRGYx9kTYVhuivgP-604OwU2ATi5tcSrY0jyziXVKRD4-iQGsCGOqN3fZHu5DgZtx9oMUcSjZ-trNnMv1kT0pPNr2Wf-J27ReyVjugxOBV2PqT8WZwtjsfE4NRqNY2RrlDs2FSiVquwdcXYxGTS9s7RCdRhpjTiS-XlEBEhJBDTlJpiScJUJFZAnx8vCFCUw1Z7qPGQBAD_QmmrPUnRnt5yof2OVmKJ1GX8k-5J48luC9lOb4GyDkpweUmITX7uFDb4cbP0dqeEldCCAtjitWnxdg5Y0VokD7tuKgLaBfvbvodfFG7sMLcmBkQBlswR7YuC_TNzOFbT09mhZHHla8lCzhLxGoU4pskpVnC_BDXRfAPUgBOzUwwKMtZyhprIyvFvhWJdsaQFkjsMn-VWw8q1n3rGtchKBvsWU29SrF1onk9C8CXbT1VUHlLliZvYRfADhMs31VIMnXgOXG6gM_Nm1aNIEDSjiEHSsmWFU3bn06A0ni41nHAk-uMhlo0VvxxqwzMlXBwsWjfySNEEENMZJMNml8A5Qckw3T6lre-bmab9r6_tu9TLDgdLm9Fu0ibBC4ml-nkZlRmxa7hnVfYvGGkWxk2jaOsY2nPtiPKIPWSRDl6yuMyD5mNaBCHRyJVIYkWUvpXS-EFAEOiekAkqnpzLqXesso5vmob4SxquZqvTHUqbW7VgxPdn_bg8QgioxdV3kMwlIfVPiLHDjyoIfxbCZgAdDYVvI1YaGa8xoKL4oBp8dmzOCq4CRSYgluGnIQgwRDMaqABaxpP0rIR7SFrQQFbhSDRqcLmFjBHjw2hzxDLWULOIZnr6Co6n8r3RBkN6Ii82-0zJkn2ojtJyGvDxElTGaEy6iCGEKasCdQDZZH51m6PUxIbkPIuwZXliALJi1nrgTIwazJf9H5xHPZu-0-cbgFI4vbIPYQT0Wt3iJmqmUZUL3bv041-NVI_FWtVnL2Ih8zXiF7t97E8ZeszHfJIMzMAzHZHnph04p9BlNv05IGIdFjeLKqG1ZP32OBbdcT2DqSlAXjLM8g2gzuP2lV_7g5tmjmMaW0gF8oWF4xOaE1iYoh7TWjGNcnL7wb3_JJdDIC5H4iCNI4y1IsVo5i5BtS351SKBmBtaHKqu58p7mFE0TVU68lvog8N2cm_qhtLtyMySFJZj7vFW_xGszeArmC4yS3D1Lr2o7EdBsljkeGABSQX4LeaUyB4PB97p0qzKp4zYMZjsBDefOE7Zr8A401ZyA2gJSQk6j1SWU8-ya8o878mxs2dteu9HUTmcqs3YppIH62hG5DQVXrMAe2zcUIqbqKXwXkY_3n98wLBLH-DPV_dxNh5vFH30g9jYVTxtVTR9cRe9WyA_Npzq_RjlryeEH45gc595gMlzGgv8eghkkjai4Ujcv6nXr1yA39-sSzm7mD63KHjyT4BcAzRdfaz8cFyTiiKT0v1CO8fR1RobM_n2mFDgCudLG2X3np9XP6EwW4rSDchr_NxetFx4Y5XFPWa5Eqrzq4ErpUu0bz6fQwucPot05yqr9AbRGJ3VF4_rq3kSsGCKKZHnvEDmbAwwgQNCuvdPIHeH-R3bNoTsvSVAJWXFo8poYMD4B4Aux30Sdn_tE1yWcvCQ77m9OfsYBdNQIxDdmTgONNi8wzQob5AKZvbWQ8qE8OQX5qY7tNQowmFDoq9YifhKQTU43Pb0sVEokfks_tQVG0tv31jFNsSEhkcQeN8A6ybO9Gfz6BGwT6n3jmBxOvj_lzcKCqi1DCdPiS68s8gZhFUw8l7no8-9FRqG8ygNnhpIXq3lSYyIXwWJ5fLircNkLDyMfO4g1QFjEAHhtVifMgOJmCwZlC-ONVe8xiLnrKHDWD9p4HD9CQ1N1MOlgCywl1K8IGfsHNe7QLnmi1iWBj8oAACa_CGkhetZ-SO5a_l10Kei-d4WtnDG5Y9AJP31tIZQ90744FVgSropfEY9g_Ydg2YqkwVsKb_7Ij_xtxWKJScZwh_27XpnBCMmXLXw9IgB_XcT42h17TmZH11zDAA_7G1zDR5HuKilt3i1Ts_JuK7s0TrHP5sAiZKB07iR67KIO5myZmV80D64gh2BpBv0R1hvnHjF2woTizD6U2N10yztoOBmLTOJCUHocPde6tbR8HZ3rC6xzFiQ_CAMof3WXJavPER78AthH8nL8fiy7XiI834mhI3l7d8-ZyN81jRqwXBAEH76iOABl9zrdEGac83-NPBX5VFkNUO2R_2qrGchrCTHZRsHT1QD_4-XKNKyu981a8ga9_TwudGuUkf_KDFul9zOQvfqVpE5qfQzdtTb6SgMD6XAEW74TNktBiXT1a07ubNlp7Wkbq1gP8T4FF6rr7RjNSm2cVKZs76dF3xu7qu8l2GWKj44HVpx4dH-_6XvrGwEBPUoEa6L54JMxBIxvW5GFASp5Ftqdzs1MAUUpVA5oFHFqFYKEe5mtxWD44G5pr_TQ2kcgkuA-EbbDhZoD-QGJ7MqQLwPWgi9PZC24ItT3AJVXXQjOXybiwUe3CKc4rlHhUmmYFCnfTw4vQ9f089pjf0O1JRbXKI7bjhl5AIJ2d8Tb_XzcO2IEMg6WHW4xL01mZQWk5OtWmtxAkZME5emFX5lHYE6K_W3h_Tn8iEntxl3_6mmUPxl0SBhVgqBCPm0_OxVQmZ4Voz4rYLViFC9fsJuf2k3r6VnL4oUFe-YinmPhXe-LUAuwXWoIQfWdml9adZj9pUzyq4oxI4_m4huCdJ6r4f8kT2HNucP3Rmjswr_geI9Jz8m29KB70AZEe0DxU2ExLAS6_LZL2uErKfznyNsFxZn7WEy5emEMjkTWSJRO_eT5l-fgp4KkaxkeK0NT6x96XJ_1TmnnsPsLIzREj00TwxzUSXl67CPENjgkmXd2SB3Gafa2wVrWQDexYN-Sm1tQR5nwdtOSKnbGcxDlAJekR7tmgrAqFEZSyPXQhriQEtgr5J1RIgydEL5cQp-0m5uxU_0-j5wfnBKZhb7o8UnQ&pr=8%3A94B9E5E450E3E031&cid=CAQSMgBpAlJWirHWGp1IkK_QLq23eZd4BJU6On_Iv6dJgjK54U3Qakf2mEJJ8Gi_kXikxV7OGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ds=l&xdt=0&iif=1&cor=3263877172216158000&adk=4144141728&idt=151&cac=0&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:23:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame BF54 30 KB
11 KB 68ms
59ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:23:31 GMT

GET
H/1.1 200
OK UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF54 41 KB
16 KB 310ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 08:48:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 41926
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15207
X-XSS-Protection: 0
Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Vary: Accept-Encoding
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 29 Aug 2024 08:48:24 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0753 281 B
554 B 89ms
10ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 20:27:10 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF54 0
0 92ms
51ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvzSMqy7vtGy4q16CubGgcmLz_5os2AkY5oWVZs9n3-wDks7jKAC0nkD-mw3KOTG9j07p-jWX1a0wsNFMJ2a1YB5bYLbltZH8HIc5-NEeUXxNwWgW--afhL3h5OQZ4IQ-u7jrOdpqPkEEw-vNZITJllE_LXDY8imZhGB9sk8NGUA5v2dSEKPODgDr2Mfew4wK93YwNb9I6UNMNq6nH_hLjGejoqFj0B280RCat5XBTALBASv-Hsdn8Ewmw5Zs8gYhuIOiniHD_hc6_BpwqkXm7Mwk3celkitXj6nQ4AM0vHqCA-4gV64oR9iT5dDGylh_BuLaaNc4eNlilgCv55rkC6cZJfsaxpqS5Kms&sai=AMfl-YRipv9HgyJ9Dz-rVnLovCtTAtevvaaWpzaLV1TPJvdBs0EWA-zQoA0BD4cnxOmMlXQLKr3bY7FSR8MmJhWVp9Xr6UuPUTmbusufhJ1utM0&sig=Cg0ArKJSzOubktVWS1mNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:10 GMT

GET
DATA 200
OK truncated
/ Frame BF54 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b8bb67925974d6043d895b9dd8c9a71d2657dc623f35b2e6af425868a79bea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 flickstree_combine_content_17_06_230.ts Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 2 MB
2 MB 24ms
24ms XHR
video/mp2t 138.199.36.7
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/flickstree_combine_content_17_06_230.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-7.bunnyinfra.net
Software: BunnyCDN-DE1-1047 /
Resource Hash: e5333d4bcaf0ba8811fe10ae35f1bf54082d7f5a1b6fe8a25ff0f9aa5c2fd507

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 30 Aug 2023 20:27:10 GMT
cdn-edgestorageid: 1075
cdn-cachedat: 07/18/2023 10:32:12
cdn-pullzone: 1464120
content-length: 1851612
last-modified: Tue, 18 Jul 2023 10:07:18 GMT
server: BunnyCDN-DE1-1047
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 5c95400c707bb95bd4ae3c5338afbcbe
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
1 KB 9ms
8ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date: Wed, 30 Aug 2023 20:27:10 GMT
Via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
Age: 21591
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
X-Served-By: cache-fra-eddf8230055-FRA
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1693427230.227107,VS0,VE0
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type: image/png
abp: 55
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11038

GET
H/1.1 200
OK cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_2_2/infra/ 876 KB
191 KB 14ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03293e996cb7e1e98e2d39f5b5add0bdcd77fdb8d4ea63339e652fa2008afbde

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-mtime: 1692436178
Date: Wed, 30 Aug 2023 20:27:10 GMT
Via: 1.1 f395b3b1f28e353bed930ec878c96af2.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: WAW51-P4
Age: 990533
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1692436179
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 195102
X-Served-By: cache-fra-eddf8230087-FRA
Last-Modified: Sat, 19 Aug 2023 09:09:40 GMT
Server: AmazonS3
X-Timer: S1693427230.258936,VS0,VE0
ETag: "9617b8074f6774b791064f65227f66bd"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: kz1x4uKJ4o5MtLGE0Ho8MJo1OhjuWfMQ8lDZt-qPJVUJ4I5ZZw6ozw==
X-Cache-Hits: 5

GET
H/1.1 200
OK cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_2/assets/css/ 60 KB
10 KB 11ms
10ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/33_2_2/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-mtime: 1692436212
Date: Wed, 30 Aug 2023 20:27:10 GMT
Via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 990978
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1692436213
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 9167
X-Served-By: cache-fra-eddf8230039-FRA
Last-Modified: Sat, 19 Aug 2023 09:10:14 GMT
Server: AmazonS3
X-Timer: S1693427230.254977,VS0,VE0
ETag: "a8942bba87756c8f2329a9e0a6ff7311"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: text/css
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nqTlbdoNTlpw0m8HjEk1vrImXzHHWiryhOC97vCdH3psJNKwKstYbg==
X-Cache-Hits: 9838

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F329 34 KB
10 KB 104ms
104ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61221
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:27:31 GMT

GET
H3 200 collect.min.js Show response
static.anonymised.io/light/ 4 KB
2 KB 111ms
99ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/collect.min.js?v=0.2.4
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 84c17d4f4d7d1cdd1ff154da5cc0bd963917a767772f75ab8f13995927d38671

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:08:11 GMT
content-encoding: gzip
age: 1139
x-guploader-uploadid: ADPycdv7jE5vm8qSkz4fqIz5Senw-fc6pueHsyT9qhcqkSkY_oHIdCzmTavPv9ERrJr-myFdS9bDMfaRKty2XGvDp0SJCQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1800
last-modified: Mon, 14 Aug 2023 15:49:12 GMT
server: UploadServer
etag: "67dc540df6fcbf599bb5f00da59857f7"
vary: Accept-Encoding
x-goog-generation: 1692028152014738
x-goog-hash: crc32c=1HejeQ==, md5=Z9xUDfb8v1mbtfANpZhX9w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 1800
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 30 Aug 2023 20:28:11 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0753 34 KB
10 KB 92ms
86ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61221
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:27:31 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5A58 111 KB
39 KB 67ms
60ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 10:55:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/elements/html/ Frame 5A58 11 KB
4 KB 76ms
70ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxvWN1oH295yMiUX8YlpArSEeRm7KHHa7g8JiONxyJgdJ3jWu85h9xrtVelZ7J7sl0Z3Ir1ui0jiZt5_3LhFEye67Ms_wRJ4lYNFt5Yt8dBdSTkN57-aH21E6Z2MkdOZrWCEuE4e6BTwPDuy2ZxnhNDpoY9moTttQMuPeFSongnsQSjPo&dbm_d=AKAmf-BLxBHmSNSlNlkbo_SmzSSqj_LJJrSwWtXKoiLCjmJkpMTLJQaDc_cpoDqVgw6xM317w6eRRg3ZZWSbPvKkGhjSSM7gATGIKr9hjotQnAMwvRNUBZDhI-oqFgCmPmwVPUF2YzDgFzQI7hWLBrR3IsB2qAy_Q8slcMhWZKt6vbma1GTjQ_pG9iOsQXjT50QyW6PAgOu6OX5d_95GiMd9vWiKSWLPghaEem-CKsDwPzTWvkvBYJJYOb9WYFIRk8ZOlT1uNVIpnCLb4iVEPMhyFCf_oDiaqeWt5-jkLFWHHbF5y8aPnJfA7DlkSsMwfnqfuibkUICXJ5vqCa3KXJDjP0CPvs6zu1opVt_jDwabQ7ul0qwlggMbyssF-VlrNgUADdGepKdmX5zy-Zeml4Je_0Tq0oTBuE8MxzyQxiFzk0qpmEKnvlcMeNp7RxCY5wDdxl2TPvEO6_On5sYyyGSQYHpjTcmyPRZPL2aC5x2QEhPfsq3E0CN0uSieeemX8I3U5Yv-dvuuEc4fUlxbpY4kvMfythQYGdkkNto774sVFIWwEQhIUF5IJ-1jVNU_rZldXTWyNmfrRqmk1Tv6pyB6A3zBTQXHeQu3jaSloWIeze4YfEGRVrlRhqjlgJV5jS9HGLh-srO3dCGwc1m8DfAtsCWViN5cah7rrmXrMATSEBWlZ9N-vh8pFsQUBEBPQb9Uu43gmjqbScgRBV4XCYY-_IDQ_-jK44VGadWvJdRCskPq_P2eQohIesJqUAIzMdc-86OZzWaCNCZZaOwvQVeKFs1DEFWzOhtXUMXvFZeyBTT2W8kQlryoq68WsHTbP5LZc0IjRNe8EamNAx6vAPU0aE43ZGS68cijt2_JF0fu2QOzonFHVtGPAFG1Y0sfFgQ4ujF126sUdvMZBCLTF_tApAgIS2J3cKGruivGe-ARliY3GlZ2hqU--kudjccj58RMopzYS3Z1dT7MX2fLJO_zdccV3FL03_MjJx7IvxQf9HtJcaYZHe9EvMHaWS7HizpIVOcquu_oMSohS-jPsHKGT3qgPdvD0HagtwCrpYjNV0R2KEcBheL4nE_vfdrbBbwyCiQEsUKIP67aWStFDwyPqeby8ACyV580WRBingtd0uSnKYYQWeEcwH1Dyj7-7jsLJ7jPzd-eKPUoUDRM5hovNS4SwSS-WePBXXN8-DCVIIR_LyeBxvaoubj4yMj9reHq1pJh3zEGD30GUXxBnX11MezXQMlPwwCQkfCQuDevMsVMqlHIusWb_8uP0uEvOz5jNV8Grcjx5Oq5PdXLpwEN3oA_Eu-eG8iE05ZB-xc_Qo5FYNw4bs51m4mh-XyNg-0tdy44V7e6Hv7ed4G-gQA3SWn9-HY7WQybXgnQm8mM5X92OpXpN3UHBWKwWTv05wje50Y2U4GWcWS-s5mNSkXYx3ahdXoieKmB_pKNKgoTLoAVdnFDFJmLlugEYI_ijZjLutmGiBLnsbJaBI2sAUIXW-GugIu0n1PvcMS3rLCk_fLTDH0p-eWIYe3dSRav8kuuTaN2K14fmAEFyqtv4xc9UID1H8yp9oF1sZNNjaWvDG3gpplD0jpWJH8ArqY0kN4b-DEyOMQ3GrsCn2WdR4pW3T8kDfiQDDTFBzPN9En06jfjLnkoD286uU8CkWj7gQfCoKXbYrTapxCWZ40UN42Ov7DV3CcHe529ygyBSG4cMnqLgBk0Sh4r6-lvy5Btr6u0UyCTIvysLfxD1mrEZ_achm4qjK6xdbjv6QAHlldUgxNkF6hj6pWDBRdDWY4aV8TL4b78D_HxfEQ2cq91cCDXnHGH0Eq1yyu4l8DUpnS6dnsAV7uc7_C-jmR8-EOww8u0FF_WM2Q7p6RHw7QWb5amZdDrOhr-Z_SCVY-cXuCJabMOQhvFZNbI71925veK1MjjX-bhxFpVsG8YA6Q1bKiPGLmTVLq6KAt-5wjlqbzjAz5WvgyX5NIU9KDqna_cpT_cVIoXyZQCYTDHrMVOG1mYtBN_x0l_II5c8Id6DfrdMFdSjxJLGhiscGL0N_rpkDN3DLZd34x1A1cmuRxPpAViZ0bUaOMazIilF0Gkby96MA0q9e9eGrgbqLMDmk0y43n_C9L6sHwIoz9239WXJqM_0E0Z7lcA6oTqfXQqrbqcVVR_Ev24G6c_EDfEmaw3BmI1_-EmUs6zWpmn05W3EIAj542L2HB9qFOIAc5Eb_z0by-MFPZt0D7vYlNXGqr1Vtma9Zb6bZqF3uVeSDORNw2oxr0fKcin26VxeYSJ3j5Fsvs-TZqyPy-Op6Rv-EKWjW4ZbBdxsy146ayEvFLdskDA2P7VwhrKXZwAKVqXJ8te4iDru9UqN1ZUTe31ejPn4mKXFzxk5_MrcX4RZvkbQpJeswCIEM8yAXfps6rwv7e8HvtH3Dz2upxzZW6XVIkSqxFlQ0ZtI2U7hITBE_n_ailKqSdllb4YJ0LNuvQjWVjaiPRSbUGhKOvwWyx377wrJ3cHkEmFt4_OJQWaJjRhn6TdHAFVJp1F2Whgv5KkwV0cIhld2RY5k_0nI5ip1v_fcgHi8xexLCOqS1zpF8ZLhz2TpE0F3me-tF-wShsatjYXF3m1BP822cMawuc1f0WfRRutMTxLU25LFFejBFWbf0OqljNBH4oN0D6mHPaa4n-No64fTkek_W1s22n3r-WzEkVGgPO_r2XDTuw8REVdNZKcQBIrWtqi9cThgC-hVogtdBAgNo12HVDNqXCA0Gh5A77Nm3uWOInenckxTK3s4aMcK6ay-lVoN6pakz9tdMKfZZy_Q4E5NFJRrqFICwHDw_OdFpRGXCtK7kNiB2IPSlLzFrxFxwwb8Gl9UHIVZDo2t34A5VGN7hS75Th9o8CqA0hVTb1eV5yC1j_oxZEfH6aP8C4MM_cL-OlA9gF2uLQa6GAZG0kMwjKxwkB0xnU7uMFkll-pMiRIrYePZX-aYlBZegO7Ckdg3f0W-pinwAS6MAtmVNTCf-FQnQJz82Iit8HNyXaU5JKpaRShGGbxRX0dWrvqpscsx4eLlS1juaCgpIu18dFtwH6qJmabfjIM_utnRhSvIXIEWNRXLZGsev_J4meQnmj865ZgBXz5AYqAOK3Dm17RzZJzyiPlwnE853IWyRMEPMJHeU9OWc1XF0pB48e08BwNLuM1VlpBAU_4fBd3XHCyxrfmDvrnYLnYDANSy7MTlA3NvFjrhZH0CughDIcNo80eUdh5MVapsoerfFbjOEouRHA9Bf0nBnHsSAeMTWizH9Af3YgoU4nwxZeB2hneHXUh9ypZcLxkfTNyNsJ0vTLBWk-O8qXr4HKWFcRs9hXNspabhn1Jz3cDqKBSEIbz9-trBszwzJXYvQ5t8t0XqsbeEG0mDSlTo3Zg1donYD7XZv1zGnLMeFz86_JfQaQn8qhXXdjTzs-5Mi0Gtf08DU4NXEez04Tpgku4DA9QHGOxwYCZAjDJlIM05FK7YDot0NizbHEMriZllQ5yzbWsUrUdRcaGFyVBH-5DQMppdXX_gLeJ2t8bURPYKfAVjzsWS_U7BrP22faqhaef0RX4dO0uRuX_Mpp3JULwQ99yvP-yyEAZ&pr=8%3A3A82E4A87ADAF56B&cid=CAQSMgBpAlJWShi0ZfGowvSsB-YEYqnhDsqAiVHR4Q2wFpJJYhn7-Vvuhpe8oIr0Btc23qKKGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&ds=l&xdt=0&iif=1&cor=2258101414342114300&adk=2463653847&idt=215&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:23:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame 5A58 30 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:23:31 GMT

GET
H/1.1 200
OK UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A58 41 KB
16 KB 49ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 08:48:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 41926
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15207
X-XSS-Protection: 0
Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Vary: Accept-Encoding
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 29 Aug 2024 08:48:24 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 602E 281 B
554 B 109ms
8ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 20:27:10 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A58 0
0 120ms
87ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvG5-ZtdgoFT0x3C4PydzmcznVXMYTStHf9Zu45yU418ShExvZGQ5SJJHW3sU1Z24SIyhS4mKVrXVE4yl87rIEteRva1d6o4p-hNNdMGLX9uxgHadXitoRFj_uQr8hmJsG7-fx2MVqcO_7BetgKX134Y7wP96u9rNNhaj-CRjaemfMCxAIe5ZbHXIk5fJIpMHwWk3On-wqtYmdwcj1Z776z1Uut4BGEvLpaKolFI1F8OIBc7sp0IO8vFdi4SmExiu7Go1-knQBZIbzFZUQz3-Ip0cKzxBlXpFWeYn8aH0Asf_S6j9DQB3FcjGvM2D3XB8MKzf5DXlu8NxCGL6XFKWA33dXWpHfJbezD&sai=AMfl-YSx9Rqd17ICbjWFcYv2kqNsR2huJBEiw5AbnZkyqTPbpm6zZ-EqlR5JhzdlQc_ihgQzFfGsTtGxjYGpA50CCL32Mx35LnXBxk1CdvKkcg8&sig=Cg0ArKJSzHacgu0geApIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:10 GMT

GET
DATA 200
OK truncated
/ Frame 5A58 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7a01aaf1f5b48587bb8a6510e18567b916c8377d1dc944010eccdb3ebdc52b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EE6 38 KB
14 KB 64ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:34:05 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D0F2 6 KB
3 KB 13ms
7ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 13:53:52 GMT
x-amz-cf-pop: FRA2-C1
age: 23599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: nvJqkaljHToKL1e3Ye5RErM_hBdmbyIeNvI3MXZEi5JzhM-eQz0_Mw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame D0F2 0
301 B 108ms
104ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 30tNdEuJGi0rqilOndNPfsLh2PFqYr4vIbL2z134sxZGA2CXN_W2fw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame D0F2 23 B
461 B 45ms
44ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&pid=Gl61zOugNE8Ra&cb=0&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_400x300_Web%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!playstream.media%2C6446608883ac0940fc0b13ca%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 3E46YKC80AQ732TV1TA6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2YwjxLN2gYxYdzoxiq_yWIPJrjlQPaTYtpdWwiGxhc1UARL3yIHnRA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame D0F2 23 B
463 B 45ms
45ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&pid=Gl61zOugNE8Ra&cb=1&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_400x225_Web%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!playstream.media%2C6446608883ac0940fc0b13ca%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: WSPPFRCWJ1NBVMZRFCDP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: rVYH16m33HZMZhOB87EhwPfqLklO4ifGsoWyGt5jc5ItwApDKxz1qA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame D0F2 23 B
462 B 56ms
46ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0&pid=Gl61zOugNE8Ra&cb=2&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_640x480_Web%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!playstream.media%2C6446608883ac0940fc0b13ca%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: DV42EE04DFQBTKD9BYRS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xQ-fkbeCJUrnfVfDy9z-GJt2MUaYYF6lsKu7Rz84PPSduXdKyZc0Dw==

GET
DATA 200
OK truncated
/ Frame 1BBB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf3c58f05c377aa71cb7be265c9d8fff29cddb706a19f855f0a0a47be5dbb848

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/ Frame D78F 10 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 18:36:50 GMT
etag: 9878862242593084568
expires: Wed, 13 Sep 2023 18:36:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 602E 34 KB
10 KB 18ms
17ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61221
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:27:31 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
295 B 102ms
102ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Wed, 30 Aug 2023 20:27:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF54 181 KB
57 KB 59ms
36ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
Content-Length: 57780
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="active-view-scs-read-write-acl"
ETag: "1693222425768293"
Vary: Accept-Encoding
Report-To: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 30 Aug 2023 20:27:10 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1438073150119473431/ Frame 6603 102 KB
22 KB 96ms
22ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e1420ce4693d6b716a3ccf1f7d3d79b7815408a5429788f99a9544e5edce1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 541802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22922
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 13:57:08 GMT
expires: Fri, 23 Aug 2024 13:57:08 GMT
last-modified: Wed, 23 Aug 2023 14:32:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF54 0
0 167ms
67ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZvR-k3tl6GtkEXFofrbA9E2Mq-DG-7NUt-8M3Jl3Zkumj0l1mlw67yRtA93X702yK4iWC5GBtV7csdGGcM9rWYzWRfToKExfWjhm_i7Rw-DmyoMBgQrIF92jIn5IibD728TUCg8mOlcMtE9RsC5SsWE1DdvLhVox6uncuO0iWMpTLcJkdjiVpyIXcOuRaJjPeYHyjf9-xRA1l9aV4y1uUPSgJX3AZKYPoxMdugOtNe9t6quuX4ykPl2WK9EIPUyY8pel4DFzMXCkweoo8seuGbAo5x1s1Fjz1nc3S055KCPtJxoYzvIm-i-uezaQDBr_QqeR24Meb2mfI-RBB5Qws9BzHShdWf5Qx5vfoZ-BanA_jcDgBDYZyCiI7Zj-IDEU5zw19zNW_TL3Ak7LmEMmxLTboLDAZA4ORIPWbqRY0zT9_Nbdyn_256fyPas6zWayMKqQF9yWk1eDAcIJetnTdgfx7OpEpYxhVIcltLsNkp-Zv0fDm-HH4cN5j-9BfgkS8iHgxXTqcnLlQSeLM-jpQuJWb0fbhvbbZnvJh_brgnDudbfR7-uXia_ZVqzw8_Nne6XUa_tL-HQCwgX5mzxRtOr-n5G0Q_OAUIzfsqiVsD8W0VsQh3sH8SWLYHJ1MikDl8yd3RwcPvUcd-HMu2dVu8gQH0o26PIuObEguKji9b3ZgD5-kFlSayJpp95LPYZztjsVjlVgp0VE3s138zDmvZOqpms2Dwc8UU5xbxWG8rc9aYLiGSB49I4fCLJdMIlDuCJBZKLJcesu1nr7Wa1_uSBpLp5MGol7Ceiu1DmMPKkE2zgMNFE59AFbm4BYAULnVxmVMcgwbREM4AC7E6kRMMHn2HTQwA40RAgTDylqEI7z9zQXZmnlgET22h4ONfyg4clp-srAvMQtBMRSfOWo6j5p3zZ1Cm79_6dk6LHuCSygVqW5cAPUDjf2qbBdiO6Sc_s_A0ogKA3nZPX_g4-fqj49hsKQv2gN48YR1GjP3xXVuFhrDPfVcSxy747qDvlwMO5m7VvMF0w_tK4ebs6CMaaFYPTb0VDmcdZ2Ddsq9FNL9hiPBlmYwnEK3cNwChOHKd4MxqEQOjJaFe4hM6DrcAuoh0z4zQCQKAHCXH_5diTKp3ODXNEmfhSs-i5FmceEVCWfkyscxt5aSuj6UL4AFvXrPiaJW_znruFvcgL7AlsqZh1qmY5E_fmohbBvImJ0j4JyMSE1lf1-uTC3ugUK42x-v5eohmxv7NNGsDdqQrOTp6RnjvSgWFjdKvEMEFWpE0Hw5NCbnzhEth-3yI7buxukwpz-msUdihW11f-4iqZ0xQq7GIx-45ptc&sai=AMfl-YRTT46ipnNX5v6kRLhPZSmqYTKDQM2mbx7atarwpabcME9VX8M2QNkST2pJasA1u_GF5NA82kMFZuof0-MTEC6oDKiO-l-J1-FPfkf1ISBVUuQUWORqQdMWjsZ3vrzbCxKyOuf6bV9eybm94qnv1J80Sw47478L9lSiSNy4An-mKMpl2W2mL2GIX_AhjIDKrnKghPtUgPV4VZnEcPup2kOu4Hc09lxtA_jZARzyYDJq29hOtGRAcNgI2tQ&sig=Cg0ArKJSzLagMY0OxkSCEAE&uach_m=[UACH]&pr=8:94B9E5E450E3E031&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=777&cbvp=1&cstd=772&cisv=r20230829.31439&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 20:27:10 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:10 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame BF54 43 B
1012 B 132ms
28ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=72409-dcm&extLi=30519198&extCr=196947571&extPm=374608584&gdpr=&gdpr_consent=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 30 Aug 2023 20:27:10 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 30 Aug 2023 08:27:10 GMT
X-ET-Code: 11
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 263
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F329 0
239 B 458ms
107ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LLY6UJM8-K-7D0W
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 29ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:10 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 2467
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693427231.915527,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 95
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 11916

GET
BLOB 200
OK 80c2b310-5b73-4e80-943d-1b5cef8ccfb5
http://ultrasurfing.com/ 94 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://ultrasurfing.com/80c2b310-5b73-4e80-943d-1b5cef8ccfb5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 96496
Content-Type: text/javascript

GET
H/1.1 200
OK Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 207E 22 KB
9 KB 23ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 41927
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 8395
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 30 Aug 2023 08:48:24 GMT
Expires: Thu, 29 Aug 2024 08:48:24 GMT
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server: sffe
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H/1.1 200
OK rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A58 181 KB
57 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
Content-Length: 57780
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="active-view-scs-read-write-acl"
ETag: "1693222425768293"
Vary: Accept-Encoding
Report-To: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 30 Aug 2023 20:27:11 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 36 KB
11 KB 27ms
17ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c738e047085f0ee702cde018514fad015930a330f28e76b6133d792008b066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 550569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10747
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 11:31:02 GMT
expires: Fri, 23 Aug 2024 11:31:02 GMT
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A58 0
0 74ms
60ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDyMqYgA9HSofc3YD2hmAT9HUR3sF4a9j-Fu4jcKu2hDobR6Vrirp-ZrLZqwt6RUyVgzvuaQqQWXJJ5FakLK-9IxPncBlhcp-lwoAl92RhJehHAI-NDSf_C0Zoh4obxZ5zx66VuD4oNLRg7hS2E8oYp_PoHHT9bnVIlgn5Q12ZJHP2NNO_qJhSgciKigu1pVyykrhWdrjeoIrcND4xYKP8AZbKAEjkxY15OhkEt-oMwVapxdRVxlkQ2l3c73fV5UbITtE76pfm097EsPvxpQ4n8rYGAbrGanMqkciFb4hRs5FQrl5duHeAr0hDSaGpxgACzVX5bMfcnZ_19effUfGnFypD-aLEAqr8gKveSUGViKmJEYnspxtZSxQhivZpX2gxyuF6tD0D5wirhWF-HgL90kXxdyNk5JTZajwVysLtJlxAqLuQSd_tmDaW76HCYzgT4FNr8EVTanAq5BckWlUZShf7qIE8syskXrHyG-nIrvwDmt8lpTgp6g85Ap0UASInNZTFvjBJgShT9wPo4XuNzvoo7Bud9-Xtsfj-fGc4tcQCulK-5pcqLE2PUHrmkx6avMoet6OY_LmnXyyh3m79cNfbWrOGIlEIYoCbPCDv_Z5giXgi-aBj-fwvDkrpqFIFvLnSdjKfDbxxiiw7pvj_boqhQIQSy3kIwAA-cVX6yt0Wau55nsC9Wk_l1rGAAEUBbSPNE1Lcr1fyHE9CYVxKvnGwaBIGBcJ-lOwmzOAydc4iyfqdc6Fclo7YBCBJK3fs_-0i4Wn-fB8dEJSpZFAV9eRskinxjn-Iq16FsAhYk0dT6OCh6IndjlJb2p41n6MHFqLE9QomytrWIdC23aE55NztA0OG8rh_ZN9Sz7BL71NffVYHx_lDG7-vMwXHn5_fiiIQ4kt1gv5Ye_gkBdhGdnhVnXIiI9dEusUD_Sa4IibnTAZtL6eTWjnCn1IEmXX-RSomTjzsiJSdBi5jnzlarf26rALQ2TJtqTeF4K9DSE58Q7BnWcFnf-CYhNfk1Zm9uZ5imKZW9Fm_6GWYHjnfvbHa2XTLawNCXoaYwaQG8Q1I1VAYx3dq4089SeKXdwlmRo1JHamoEYNKmAkzfkCjDtND7KvLtsoGQvc6S0crSX0NSo-JqRARX4udjl-Q-ngQU2E6vBBrB4D0LLADTPzqEc3wjOkTeKq3xT0vp8qajgFdYWfjV5Spkxs6p34yb65iKkRxMreyP6iqkLSDcdWaR_gXDm9LWkAuOa8AFG2rMequRjmkGt1_g-wQLncXxvPRgluhA0WrladRVSQr3XU242Rl7BSJF2dr9TZ-B9lxlE8IyyncSzdPP97Y&sai=AMfl-YS4khkbt6-wzaf3DkRJwcvVOxIp6xCiOxgES4ltuQwjOkufBXskGC_lkStBBYGI0W7a-vqWiOxAiqZJQKpBMX6ZZoO6Yv1M7NMeggFYfNZN2o7DiPT12aRvil5H4tl-Gyqrdw9aM4S7lqBwj1dvtXKY9Hsv47osVsrv40fQh3mh0WkH9y1cEWan5AMSLHZ2M1ciibO0tIoQXCE5A94vxVTPPI8r7WfOQaRXndxhVagjzU9pkVXB1v5Iivw&sig=Cg0ArKJSzI1YjxJnDRBWEAE&uach_m=[UACH]&pr=8:3A82E4A87ADAF56B&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=660&cbvp=1&cstd=658&cisv=r20230829.92151&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 20:27:11 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6603 8 KB
836 B 33ms
24ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700,regular|Poppins:600,700,300

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ef4131bd06fab5d5248732f9739d8de273f439a463e008b05bf7a6f599474e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 20:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 20:15:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 20:27:11 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 6603 32 KB
11 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 06:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 06:58:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F329
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY6UJM8-K-7D0W&gdpr=1&us_privacy=1---

0
646 B

157ms
118ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY6UJM8-K-7D0W&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6ABD4EAC724A40DA9E6896927042446C Ref B: FRAEDGE1112 Ref C: 2023-08-30T20:27:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEKcCdEXsEAfQ6JTiFmw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY6UJM8-K-7D0W&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F329 70 B
264 B 46ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F329
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDUDLXeD5FvWAsTnmmy-gto&google_cver=1

0
239 B

46ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDUDLXeD5FvWAsTnmmy-gto&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEDUDLXeD5FvWAsTnmmy-gto&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F329
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU3NDNjYjgwNDQxMTY0ZjI0ZTAxMTFjNmEyYzFhZTMwYzA4NWNkZg&gdpr=1&us_privacy=1---

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU3NDNjYjgwNDQxMTY0ZjI0ZTAxMTFjNmEyYzFhZTMwYzA4NWNkZg&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTU3NDNjYjgwNDQxMTY0ZjI0ZTAxMTFjNmEyYzFhZTMwYzA4NWNkZg&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F329
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

101ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9RW4WSK8VNEK03PG58RR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5NC5YRRNA2N9DK94DYX8
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame F329
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

33ms
32ms

Image
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PN0MS13ZHFCRVCCRQ826
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y7630JJR54J2KQFYYYXC
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F329
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZNlVKTTgtSy03RDBX&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEIVrcejiyg9uI692nhXEDXU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZNlVKTTgtSy03RDBX&google_push=&gdpr=1

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZNlVKTTgtSy03RDBX&google_push=&gdpr=1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZNlVKTTgtSy03RDBX&google_push=&gdpr=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1BBB 15 KB
16 KB 97ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 598735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 22:08:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1BBB 15 KB
16 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 2108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 19:52:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1BBB 15 KB
15 KB 97ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:21:37 GMT
x-content-type-options: nosniff
age: 108334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 14:21:37 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F329
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/LA-0fWkOCjSiXIgii0JOaw?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K4tOsKlE2oKa09FJKWnoFtGFrEuCNDX0Ba3rlQ--~A

0
239 B

42ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K4tOsKlE2oKa09FJKWnoFtGFrEuCNDX0Ba3rlQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 30 Aug 2023 20:27:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K4tOsKlE2oKa09FJKWnoFtGFrEuCNDX0Ba3rlQ--~A
content-length: 0

GET
H3 200 interestscores.js Show response
static.anonymised.io/light/ 3 KB
1 KB 47ms
43ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/interestscores.js?v=0.2.4
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2e3296182be09672399fa3719de3d1a6a95e1bbd1f216efc9ae108128300e809

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:20:25 GMT
content-encoding: gzip
age: 406
x-guploader-uploadid: ADPycdvzasnuGUnIWWbNH0lk2UfE_c88WcrMi5lAm960PMKH8sJMMEa9hiO8iwh2hw0G3zG7wy7jDWHcr_3foke7zg8NoA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1442
last-modified: Mon, 14 Aug 2023 15:49:13 GMT
server: UploadServer
etag: "eb1eb8fa981b2887ceab44fc3b4ac42e"
vary: Accept-Encoding
x-goog-generation: 1692028153673147
x-goog-hash: crc32c=4kmKww==, md5=6x64+pgbKIfOq0T8O0rELg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 1442
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 30 Aug 2023 20:40:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D78F 4 KB
655 B 40ms
29ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 20:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 20:03:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 20:27:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame D78F 2 KB
892 B 23ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame D78F 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame D78F 3 KB
1 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame D78F 20 KB
8 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D78F 181 KB
56 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:27:11 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame D78F 36 KB
15 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H3 200 splitText.js Show response
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 8 KB
3 KB 109ms
85ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/splitText.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75c6b260fee00db1fe67db954b335fcb5f19f4d339f33ba1228b90a54ea88042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3435
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 Smart_Regular.woff
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 20 KB
20 KB 62ms
33ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/Smart_Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed654d864a83081f65642d7c153595a722b58a0ab5776dba72f2c767b41930f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20052
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 Smart_Regular.woff2
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 15 KB
15 KB 112ms
83ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/Smart_Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b86e678f724241714425a98d49c80fcdee4cf52b93c913b56ae403d2e423d3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14848
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 smartNext-Bold.woff
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 19 KB
19 KB 107ms
77ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/smartNext-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a4198aac2107c45dc0d5c25bb2e1ad3420efc9fcc02cd7c2fe7cfee0d2b880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 smartNext-Bold.woff2
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 15 KB
15 KB 110ms
80ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/smartNext-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95cd0c0f4ec29744afef0d2b001f3affe95419106afff4f93339574c9067db51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14912
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 44DA 64 KB
23 KB 102ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4215884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Fp%2FgRZSzEpAlJAVgpoI4QIYD8BUQnEX%2FWzW9V4haFbhxKLc7i8x%2BpBc8UUzx0lvHD2CToOCwuMsRUcvmHXcIalbUrkmKlQWG5rnA2Vko%2BVh2LlO2OckT6SukLOUA1WrhluhtIKj0VxQkvKV5BymIkrZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fefc5e41b94993f-FRA
expires: Mon, 19 Aug 2024 20:27:11 GMT

GET
H3 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 44DA 2 KB
2 KB 71ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535520dc8857dfcf9610d361f99e9d419786585dda328a3f6635eba5982803d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7088223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1193
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YpxAstDYbw3VVCgE%2B2DHdlVoO4ojLiLrChGv%2B8EpHgHdm4EiQRSpjF2q0BSMWluuTNQH0Du6JeNrTYPIJwby8E%2FYnuR3l%2FCirLel5n8I6sqLdcY9btox7SLNAAntfVDLBYT7tFJbYRdTkgk1oaFjBtp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fefc5e41b90993f-FRA
expires: Mon, 19 Aug 2024 20:27:11 GMT

GET
H3 200 EaselPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 44DA 5 KB
2 KB 99ms
58ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/EaselPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eadf86ab162e1d578164338aea12323e59534a9d43fbd526d609a667965003d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 324335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1914
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-77a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqa0DPkJAE%2BIbi6qW9Z0sFemdLyZZZGoCKYD4viQ1ef1lKlUZbGKYryb9DcCF1xiokZVT0FVv4nObwTxJ7NPaYquU1iaNAjFvWst%2BuviXizlgGaeYM4HrszUaCgmp0kSCoYIFXG92lqDumgvj4imoQx8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fefc5e41b93993f-FRA
expires: Mon, 19 Aug 2024 20:27:11 GMT

GET
H3 200 HYPE-724.thin.min.js Show response
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 55 KB
24 KB 103ms
79ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/HYPE-724.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ae93330f3a0b8e253e34bc6d66018d996fb5d56ef0802e6def0d91fd035c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24394
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H/1.1 200
OK content_v3.js Show response
vidstat.taboola.com/ 16 KB
6 KB 10ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:11 GMT
Via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 1202099
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 4839
X-Served-By: cache-fra-eddf8230039-FRA
Last-Modified: Wed, 20 Jul 2022 13:23:50 GMT
Server: AmazonS3
X-Timer: S1693427232.668362,VS0,VE0
ETag: "f7533e747bb02a8eb527ada4f2749620"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
X-Cache-Hits: 196827

GET
H/1.1 200
OK OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/ 447 KB
105 KB 18ms
16ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5de76ff60eda0bfa1c2f0e340e7adfec5b207928469ad3ad7061f45cac0a691b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-mtime: 1693040855
Date: Wed, 30 Aug 2023 20:27:11 GMT
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 386331
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1693040855
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 106181
X-Served-By: cache-fra-eddf8230039-FRA
Last-Modified: Sat, 26 Aug 2023 09:07:36 GMT
Server: AmazonS3
X-Timer: S1693427232.696065,VS0,VE0
ETag: "1efa09a5944bb036dcc109710d06d6db"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bf4NRj4NYsPFV5KjqRxKiAYc78oBFtz1yIN1aZpiGXVXFg72xFa0JQ==
X-Cache-Hits: 31180

GET
H2 200 sync Show response
am-match.taboola.com/ Frame C03C 577 B
662 B 22ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0dddf70bf2b14c632451818b83903ea27697678f084157eb2084e7b36a4b7e16

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 30 Aug 2023 20:27:11 GMT
machineid: 3407
server: nginx

GET
H/1.1 200 st
am-vid-events.taboola.com/ 0
112 B 23ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=&cb=1693427231622&uv=3322&tms=1693427231622&su=&abt=nonrv_vA!smbs!t120!ufm_vG!ul3328_vB!unf_vC&ft=0&unm=FEED_MANAGER&mntl=1&
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200 st
am-vid-events.taboola.com/ 0
112 B 31ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&cmcv=&pix=31579697&cb=1693427231693&uv=3322&tms=1693427231693&su=3&abt=nonrv_vA!smbs!t120!ufm_vG!ul3328_vB!unf_vC&ft=0&unm=FEED_MANAGER&su=3&
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1BBB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CvezkHKbvZNKhO6aqpt8P0tep4AuegqbXcsS9tb6MEuHw9rLoMBABIJy-tSRgldKhgrAHoAHp_fXPA8gBCagDAcgDywSqBPABT9BYGve7DIiL2oTBEdkM7iyWfkdxwJ8bpdGJ-RwacxtUeUV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213618395527700703639%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_win...

0
0

91ms
50ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213618395527700703639%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215945269249446352337%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13618395527700703639","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"15945269249446352337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 20:27:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13618395527700703639","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"15945269249446352337"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 392B 22 KB
9 KB 13ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 41927
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 8395
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 30 Aug 2023 08:48:24 GMT
Expires: Thu, 29 Aug 2024 08:48:24 GMT
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server: sffe
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A58 42 B
64 B 119ms
118ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSKlXJ3Dd_uc5WA5semZhG82HWVgKODzoI6XyqhSvL7_NAglzpaQpvolbm6IBijYuwTuLAtdqbmtalJg4x4E04yyJ0ALXYpPZrtOCxcfzUFCsYkLTufc8lpP6HsY01&sig=Cg0ArKJSzCJ4FK_r3UD_EAE&id=lidar2&mcvt=1605&p=1110,436,1200,1164&mtos=1605,1605,1605,1605,1605&tos=1605,0,0,0,0&v=20230828&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3607180488&rs=4&la=0&cr=0&vs=4&r=v&rst=1693427229245&rpt=1162&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
90 KB 32ms
8ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: HTTP/1.1
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
Date: Wed, 30 Aug 2023 20:27:12 GMT
Via: 1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
X-Amz-Cf-Pop: MRS52-C1
Age: 669492
X-Cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 90784
X-Served-By: cache-fra-eddf8230124-FRA
Last-Modified: Sun, 02 Jul 2017 20:40:57 GMT
Server: AmazonS3
X-Timer: S1693427232.074321,VS0,VE0
ETag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
X-Cache-Hits: 131222

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C03C 70 B
264 B 34ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame C03C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4ngUa5VE2oQJOBtvaMoi_Sxpsa3Q1qzBQbScqQ--~A

0
98 B

36ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4ngUa5VE2oQJOBtvaMoi_Sxpsa3Q1qzBQbScqQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17274

Redirect headers

date: Wed, 30 Aug 2023 20:27:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4ngUa5VE2oQJOBtvaMoi_Sxpsa3Q1qzBQbScqQ--~A
content-length: 0

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
327 B 16ms
16ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=12316&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 30 Aug 2023 20:27:12 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7318
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
server: nginx
x-timer: S1693427232.093969,VS0,VE9
content-type: image/gif
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF54 42 B
64 B 123ms
123ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNfDC-gnyOFHY0q8TV9-zhsdMSHRJbjh2m8q2aHRn-vLhwE8HVEWJuC043FKHaUUZu2GfX3xMYQe7FeFJ3OV-UELJPr22BIqjESCXvDw-J9lDA7mi_jYWMUSbHkJxp&sig=Cg0ArKJSzLs6hOqoO8WKEAE&id=lidar2&mcvt=1227&p=600,119,640,160&mtos=1227,1227,1227,1227,1227&tos=1227,0,0,0,0&v=20230828&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2124594652&rs=4&la=0&cr=0&vs=4&r=v&rst=1693427229220&rpt=924&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame F72B 38 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:34:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 105ms
50ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 20:27:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3523 281 B
554 B 15ms
15ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 20:27:12 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 70ms
22ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 2fbdaf97983d1058e465d55986bfad0dbacfa69a932de1593fed8980573f8b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230041-FRA
date: Wed, 30 Aug 2023 20:27:12 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 207E 37 KB
17 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 17:20:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 529588
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16443
X-XSS-Protection: 0
Last-Modified: Tue, 22 Aug 2023 10:48:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Vary: Accept-Encoding
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Expires: Fri, 23 Aug 2024 17:20:44 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3523 34 KB
10 KB 9ms
8ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61219
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:27:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 6603 8 KB
8 KB 21ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,regular|Poppins:600,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 478315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 07:35:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 6603 8 KB
8 KB 21ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,regular|Poppins:600,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 07:52:07 GMT
x-content-type-options: nosniff
age: 390905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 07:52:07 GMT

GET
H3 200 Slide-3-horizontal.jpg
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 244 KB
244 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/Slide-3-horizontal.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1f345f9cf08774fcc78f54403f790c1f9b8eae697da5958bb79e564cadc4c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249661
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 info_icon_green2.svg
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 955 B
447 B 24ms
22ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/info_icon_green2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 418
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 arrow_black-1.svg
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 952 B
436 B 23ms
21ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/arrow_black-1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c3c5ac5900e2fdeeea6e3c9514871617b72608b224e33f329b0b4d8e91a85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 Slide_3_728x90.png
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 64 KB
64 KB 25ms
23ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/Slide_3_728x90.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d83f54da9832a6b5507c23e2d2b45016da72e2aec4c708c2643c0361fcd1e62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65922
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 SpriteSheet-1.png
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 51 KB
51 KB 24ms
22ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/SpriteSheet-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f5a2bfb90701e8fb4339729c5b8d4643988427cbfbefd5d81a347c073a4b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52195
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 315ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&uad=f88018ccd0130d185511681a282284d4f797f33d76715b44b3ebea7e6d349dfc
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 20:27:12 GMT
cache-control: no-store
server: nginx

POST
H/1.1 200
OK VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 172ms
170ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1693427232744&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1544&pt=-565199376&tz=120&viewable=true&ddast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!smbs!t120!ufm_vG!ul3328_vB!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b0a9f799ed53e375ae24c1aa0e30fe55e9b72cca8f09400a8d7f9c5969073b0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

X-Cache-Hits: 0
Date: Wed, 30 Aug 2023 20:27:12 GMT
Content-Encoding: gzip
Via: 1.1 varnish
MachineId: 1428
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1693427233.749538,VS0,VE163
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 392B 37 KB
17 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 17:20:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 529588
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16443
X-XSS-Protection: 0
Last-Modified: Tue, 22 Aug 2023 10:48:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Vary: Accept-Encoding
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Expires: Fri, 23 Aug 2024 17:20:44 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF54 0
0 56ms
54ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZvR-k3tl6GtkEXFofrbA9E2Mq-DG-7NUt-8M3Jl3Zkumj0l1mlw67yRtA93X702yK4iWC5GBtV7csdGGcM9rWYzWRfToKExfWjhm_i7Rw-DmyoMBgQrIF92jIn5IibD728TUCg8mOlcMtE9RsC5SsWE1DdvLhVox6uncuO0iWMpTLcJkdjiVpyIXcOuRaJjPeYHyjf9-xRA1l9aV4y1uUPSgJX3AZKYPoxMdugOtNe9t6quuX4ykPl2WK9EIPUyY8pel4DFzMXCkweoo8seuGbAo5x1s1Fjz1nc3S055KCPtJxoYzvIm-i-uezaQDBr_QqeR24Meb2mfI-RBB5Qws9BzHShdWf5Qx5vfoZ-BanA_jcDgBDYZyCiI7Zj-IDEU5zw19zNW_TL3Ak7LmEMmxLTboLDAZA4ORIPWbqRY0zT9_Nbdyn_256fyPas6zWayMKqQF9yWk1eDAcIJetnTdgfx7OpEpYxhVIcltLsNkp-Zv0fDm-HH4cN5j-9BfgkS8iHgxXTqcnLlQSeLM-jpQuJWb0fbhvbbZnvJh_brgnDudbfR7-uXia_ZVqzw8_Nne6XUa_tL-HQCwgX5mzxRtOr-n5G0Q_OAUIzfsqiVsD8W0VsQh3sH8SWLYHJ1MikDl8yd3RwcPvUcd-HMu2dVu8gQH0o26PIuObEguKji9b3ZgD5-kFlSayJpp95LPYZztjsVjlVgp0VE3s138zDmvZOqpms2Dwc8UU5xbxWG8rc9aYLiGSB49I4fCLJdMIlDuCJBZKLJcesu1nr7Wa1_uSBpLp5MGol7Ceiu1DmMPKkE2zgMNFE59AFbm4BYAULnVxmVMcgwbREM4AC7E6kRMMHn2HTQwA40RAgTDylqEI7z9zQXZmnlgET22h4ONfyg4clp-srAvMQtBMRSfOWo6j5p3zZ1Cm79_6dk6LHuCSygVqW5cAPUDjf2qbBdiO6Sc_s_A0ogKA3nZPX_g4-fqj49hsKQv2gN48YR1GjP3xXVuFhrDPfVcSxy747qDvlwMO5m7VvMF0w_tK4ebs6CMaaFYPTb0VDmcdZ2Ddsq9FNL9hiPBlmYwnEK3cNwChOHKd4MxqEQOjJaFe4hM6DrcAuoh0z4zQCQKAHCXH_5diTKp3ODXNEmfhSs-i5FmceEVCWfkyscxt5aSuj6UL4AFvXrPiaJW_znruFvcgL7AlsqZh1qmY5E_fmohbBvImJ0j4JyMSE1lf1-uTC3ugUK42x-v5eohmxv7NNGsDdqQrOTp6RnjvSgWFjdKvEMEFWpE0Hw5NCbnzhEth-3yI7buxukwpz-msUdihW11f-4iqZ0xQq7GIx-45ptc&sai=AMfl-YRTT46ipnNX5v6kRLhPZSmqYTKDQM2mbx7atarwpabcME9VX8M2QNkST2pJasA1u_GF5NA82kMFZuof0-MTEC6oDKiO-l-J1-FPfkf1ISBVUuQUWORqQdMWjsZ3vrzbCxKyOuf6bV9eybm94qnv1J80Sw47478L9lSiSNy4An-mKMpl2W2mL2GIX_AhjIDKrnKghPtUgPV4VZnEcPup2kOu4Hc09lxtA_jZARzyYDJq29hOtGRAcNgI2tQ&sig=Cg0ArKJSzLagMY0OxkSCEAE&uach_m=[UACH]&pr=8:94B9E5E450E3E031&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2705&vt=11&dtpt=1928&dett=3&cstd=772&cisv=r20230829.31439&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:12 GMT

GET
H3 200 Slide_3_728x90.png
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 64 KB
64 KB 16ms
16ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/Slide_3_728x90.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d83f54da9832a6b5507c23e2d2b45016da72e2aec4c708c2643c0361fcd1e62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65922
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 Slide-3-horizontal.jpg
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 244 KB
244 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/Slide-3-horizontal.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1f345f9cf08774fcc78f54403f790c1f9b8eae697da5958bb79e564cadc4c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249661
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D78F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtXkFHKbvZLPaOqqdpt8Pxeil6AqegqbXcsS9tb6MEuHw9rLoMBABIJy-tSRgldKhgrAHoAHp_fXPA8gBCagDAcgDywSqBO4BT9BVqDUlXDW2x6_CTfLlmAtKE8j2vw3YG8TUriyeBmrUVbB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225550635441063966743%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_wind...

0
0

50ms
49ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225550635441063966743%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227850194439071732001%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5550635441063966743","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"7850194439071732001"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 20:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5550635441063966743","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"7850194439071732001"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 924E 38 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:34:05 GMT

GET
H3 200 info_icon_green2.svg
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 955 B
447 B 13ms
13ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/info_icon_green2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 418
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/1438073150119473431/ Frame 6603 8 KB
3 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1438073150119473431/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d3c20e0c23af2e126af2e85cba7fd6f7ff72b738eb9eede07f74d0f824fa533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 13:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3325
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 14:32:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 13:57:09 GMT

GET
H3 200 bottle.png
s0.2mdn.net/sadbundle/1438073150119473431/ Frame 6603 12 KB
12 KB 17ms
16ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1438073150119473431/bottle.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09d7bb539b0c42c29407162cf0ed6b7adf619ce1d037a530a15167e191cc784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 13:57:09 GMT
x-content-type-options: nosniff
age: 541803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12732
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 14:32:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 13:57:09 GMT

GET
H3 200 package.png
s0.2mdn.net/sadbundle/1438073150119473431/ Frame 6603 15 KB
15 KB 17ms
16ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1438073150119473431/package.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5082292c1a975e6b462573ba5739f209a3fdf334e327fdac894241ceb92def25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 13:57:09 GMT
x-content-type-options: nosniff
age: 541803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14861
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 14:32:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 13:57:09 GMT

GET
H3 200 mood.jpg
s0.2mdn.net/sadbundle/1438073150119473431/ Frame 6603 39 KB
39 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1438073150119473431/mood.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

778319b7c44a80f93d8a77153230f24649c02832d735a8e94b8c7d3edff9bff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1438073150119473431/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 13:57:09 GMT
x-content-type-options: nosniff
age: 541803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39862
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 14:32:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 13:57:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1BBB 42 B
64 B 119ms
119ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshjiwWpg7HFnMdSis-Nimc1HWzRZMGIr7abVsOzS0a5wyt32GLcluhCuKPAPZkqZiLM5kZjlm2tpWljVmGagz-vku1ZuVgyjfCH3-NaSyKNQ54XED22RqeYhbAhU1VxCD7v96ho6DyBRS8&sai=AMfl-YSqIt6Mq0-bZmBHHel81xzHXL1zGJgpUXh22cM-rzqeSaY8LrYYdaTeO-HRppJLmMFB986h38xtXzK9&sig=Cg0ArKJSzAvDSUCnrw2hEAE&cid=CAQSGwBpAlJWpq-88toukfSCHmsytFxxjj0TRu9OBRgB&id=lidar2&mcvt=1089&p=0,0,250,300&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3782124154&rs=2&la=0&cr=0&vs=4&r=v&rst=1693427228520&rpt=3376&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
49ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 20:27:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A58 0
0 53ms
52ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDyMqYgA9HSofc3YD2hmAT9HUR3sF4a9j-Fu4jcKu2hDobR6Vrirp-ZrLZqwt6RUyVgzvuaQqQWXJJ5FakLK-9IxPncBlhcp-lwoAl92RhJehHAI-NDSf_C0Zoh4obxZ5zx66VuD4oNLRg7hS2E8oYp_PoHHT9bnVIlgn5Q12ZJHP2NNO_qJhSgciKigu1pVyykrhWdrjeoIrcND4xYKP8AZbKAEjkxY15OhkEt-oMwVapxdRVxlkQ2l3c73fV5UbITtE76pfm097EsPvxpQ4n8rYGAbrGanMqkciFb4hRs5FQrl5duHeAr0hDSaGpxgACzVX5bMfcnZ_19effUfGnFypD-aLEAqr8gKveSUGViKmJEYnspxtZSxQhivZpX2gxyuF6tD0D5wirhWF-HgL90kXxdyNk5JTZajwVysLtJlxAqLuQSd_tmDaW76HCYzgT4FNr8EVTanAq5BckWlUZShf7qIE8syskXrHyG-nIrvwDmt8lpTgp6g85Ap0UASInNZTFvjBJgShT9wPo4XuNzvoo7Bud9-Xtsfj-fGc4tcQCulK-5pcqLE2PUHrmkx6avMoet6OY_LmnXyyh3m79cNfbWrOGIlEIYoCbPCDv_Z5giXgi-aBj-fwvDkrpqFIFvLnSdjKfDbxxiiw7pvj_boqhQIQSy3kIwAA-cVX6yt0Wau55nsC9Wk_l1rGAAEUBbSPNE1Lcr1fyHE9CYVxKvnGwaBIGBcJ-lOwmzOAydc4iyfqdc6Fclo7YBCBJK3fs_-0i4Wn-fB8dEJSpZFAV9eRskinxjn-Iq16FsAhYk0dT6OCh6IndjlJb2p41n6MHFqLE9QomytrWIdC23aE55NztA0OG8rh_ZN9Sz7BL71NffVYHx_lDG7-vMwXHn5_fiiIQ4kt1gv5Ye_gkBdhGdnhVnXIiI9dEusUD_Sa4IibnTAZtL6eTWjnCn1IEmXX-RSomTjzsiJSdBi5jnzlarf26rALQ2TJtqTeF4K9DSE58Q7BnWcFnf-CYhNfk1Zm9uZ5imKZW9Fm_6GWYHjnfvbHa2XTLawNCXoaYwaQG8Q1I1VAYx3dq4089SeKXdwlmRo1JHamoEYNKmAkzfkCjDtND7KvLtsoGQvc6S0crSX0NSo-JqRARX4udjl-Q-ngQU2E6vBBrB4D0LLADTPzqEc3wjOkTeKq3xT0vp8qajgFdYWfjV5Spkxs6p34yb65iKkRxMreyP6iqkLSDcdWaR_gXDm9LWkAuOa8AFG2rMequRjmkGt1_g-wQLncXxvPRgluhA0WrladRVSQr3XU242Rl7BSJF2dr9TZ-B9lxlE8IyyncSzdPP97Y&sai=AMfl-YS4khkbt6-wzaf3DkRJwcvVOxIp6xCiOxgES4ltuQwjOkufBXskGC_lkStBBYGI0W7a-vqWiOxAiqZJQKpBMX6ZZoO6Yv1M7NMeggFYfNZN2o7DiPT12aRvil5H4tl-Gyqrdw9aM4S7lqBwj1dvtXKY9Hsv47osVsrv40fQh3mh0WkH9y1cEWan5AMSLHZ2M1ciibO0tIoQXCE5A94vxVTPPI8r7WfOQaRXndxhVagjzU9pkVXB1v5Iivw&sig=Cg0ArKJSzI1YjxJnDRBWEAE&uach_m=[UACH]&pr=8:3A82E4A87ADAF56B&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2700&vt=11&dtpt=2040&dett=3&cstd=658&cisv=r20230829.92151&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 20:27:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF54 42 B
64 B 132ms
119ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb-knl9OsBZArJJCprtUobPqbo0dxAMPi8fHq12VP6kM_EwvYI4b_wvKJ6vqOrx6GXdz5dUEBLoA7WuV2ex257ZkiYFKWd8ZlfvlOK4onJsD4&sig=Cg0ArKJSzE-1rFtIHklmEAE&id=lidar2&mcvt=1074&p=0,0,600,160&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&v=20230828&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&vs=4&r=v&rst=1693427229220&rpt=2772&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A58 42 B
64 B 124ms
123ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGK39BOxd7oxAs5sfG-KKdSudJkQ816p9kEUqGMkSKQInq1H-FiACbTPArSYYpaEEwvIG5s4xRz6rCwsl0KSi-a2BWXORf1pvl-xh0eM0J4lk&sig=Cg0ArKJSzD7LTR-HLQb5EAE&id=lidar2&mcvt=1066&p=0,0,90,728&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20230828&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&vs=4&r=v&rst=1693427229245&rpt=2969&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
214 B 228ms
96ms Ping
text/plain 54.86.248.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://track1.avplayer.com/ctrack?pt=2&d66=8.3.17&d74=&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&pid=6446608883ac0940fc0b13ca&cid=6446621c2b382b7b120d03d3&r=ultrasurfing.com&sn=&cd1=&app=&test=&cb=1693427232925
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: HTTP/1.1
Server: 54.86.248.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-248-253.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 30 Aug 2023 20:27:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8EE6 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RPHM8A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 207E 0
459 B 119ms
118ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBVh4HabvZJnHMO6gjuwPooq5gAIAAAAAOAHgBAI&bg=!bW6lbiHNAAYkVgHwBFY7ADQBe5WfOKFQsuVh6DOIc6Lf5E7lCAX7RIbLiSjJXKqs_juePz5vaZVmqgDAtWaFLcdOGpF1AgAAA2dSAAAAC2gBB5kCz_0uS42AZnen66EcsU1j9yScatWwY4Om1MRD-cnfJlFbPEbbq_wRfC_OjFTE99lroCppHNmgzKc2ZOPR-Q_u7HVGXdyMlY7vItWTpWiQZKTn-apnRobhNoljqAF-UZTmA65U9VhDUOgVHn7Gmzysf9ENz5dNbawv0j3p0J7VCIG4VO8IQeq4QgGVd00RivUkI-WeX7k--hiqQILZFbd_pBZeRh9tbQJavUbmNnFCvCIAsRj0neeU1H40-srcyqU5mz3IY78SHijAYLdA6OoBpuqDskPYryJ-nntF9OhCHcL-AAxYxXxC97uvFvCO6EfbbIFqUiKXowocGFtgO2x8zXNNK4KZXIQUc9yIYmUlT-YFqVTwAbZOMsTcAi9aUWxdmdLdZIYX9RyJskyRn-Q9zk0HN6P1PRdL_4H8h-oEVsdGlo2tlrXg7T2TaitzU9LuiSiCA4XXzcEx9eMvsUrYX1Wb1-xb99rKxTkEkT2TBtqiFsfmtRkmUjub1QjAWyj0z1QToL7wx27Vx-pixehaRsxifj5KNawsdPLv05QwmRj0MBiPzTd_bl_ysIvXdEyE4hxwtVXpyHz5oThuwEK4yEvJXlKB0US7IjF84v0LC6IflvwpGXivBMNyvKFnlQbf6XxHmC39_BI5zjG7F4M2azw82mdm_XhW-A7ImKIbp8GsNDOIrLt6lWqmrvqLutDPMvc23KO02ECw27m9ZFFPZkTPDIKTyeEOkhMmy4ddgZfJZgLojl5QPMkRLYZ3bNb0bfvO7W8fKxpTYgsVtT6vYWfYttm1jz2wfjyA5LL5RuJ6oT9B8-KokuI1j7T-51kYgFw-UCVNQ8FJMlFc5sh1cDqqnkEkAQQ46AFBHx6Kr7_MXb_kxuyVvnLLTOIJAElP3idGP4_6B0dLrKBq_fhOi8uc2O7OuM2D6Bj_2Id1ZjCmFvw0lQsV3_tMdR8fZ21D

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:13 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF54 0
20 B 112ms
112ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5247577462446&version=m202307240101&ct=76&x=8&cor=3263877172216158000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 392B 0
459 B 136ms
122ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkYRDHabvZLnIOvSTjuwPnOybqA0AAAAAOAHgBAI&bg=!bG-lbyDNAAYkVgHwBFY7ADQBe5WfOPi4IcxJ4TgJI47lbG-VTOamN-TAsg5jWuUTIZsZwclPL_RzL23HIEZsJ6xxo7IlAgAAAuRSAAAAMGgBBwoAtv2TL1_M55sYYboc9Smss4m7k1Pktl-h2Ju3aRyyJej4EVW6TaTKiAD2CvCvDGsuP6Z2TxJ1wUG1Lnu17CaIss4AC-vygEp1u9M3e2dDIWKkxNjevuMiuwHvRu01aZxgrhvR0EtEmeOeLXJ3QtUrSK3E2NspTuc1CCEeK5aHz3R4MmOZCdL4xU_vD-dmQ239kk7gVuqxo1s9ZRKVXK-Bt5hdel1Zx0B0WDxu-kA4xjZaEWUBEKdxmQLZtiPOFVuVJHYC3ann7sF5KKTuw5Yo_WZRXnCelOKjqQZSTCyAMRh9s5bys1TdCqtD66Tl80jj-36OQRCrptdV_jGwgM2Ve7oDOpv1rGEhPtKOpEJhv4DYUKvxhIJuQ2qcrMXy7w2WlEI7eyAwQCQF9xwW9igSF68fwCDJ6q1NaHL4MAk1_-kbmFLxnCPY6h1Q3rHcvjwSxUDQbQDYvE4YNYIGy9qBNYhIFCN3zwLLjk6co2K5BxoFx6Zp73GQDbPK4lwiwQdMqw80KUt6IhSAKZ5yvuTy2oQsSbVYs_F5RDIpGLkamsUTMFdl5ehFtWODLdMhf5XXBBAz8P366cnJHW5wnDN5SF8HhQZhif_NX0RZ5wCamYItdSk1JNY0gzO838vGKgGMhK1OvK_YbDFHXBfoSSG4ka-87Wlbcn_OkIz4Bvt_6DnodbK1EyhTw1_TMcDxAqJ-dyOCI9kYlCubzvaGIaX6jLwQr5ki3p2ifxAuV8uIrgSpa701L6cz4cd7jpO3s9V2o38Trh_IdYxFx2s6x3s3FU2Q7xLoZk4slC_fa2il64Lmqt3N2bs9XWbcxJAtdaW3k4qdC_2UbV-gqrz8mioruyb1SQE4pxfcVjglX3SgpW4ZE6T3SajY8-ba_XPC6tGpq52Eg6S5RxtM7lD2N8GxVwGADPRzlTR1yw0C50xCLs0-b6Qe8nVz0FuwudEBKZxppJ85tHk1sy6VEnPu7WWiY_BWSrbmDO8fN26O4VPL_pRTwuev9Tyrwjudyq1PW-dM4WMiHYt2a_GHkKpnhvU8fJY6_9vV7V8cnJ3dM-rPJkm9eRVHDBAUNzlXQzW6eJAbDxo3M-nb7ZuTBYIB9hg6cB3gTCdQcoH6ZgL2gWZ7uSmWARj0A5zOVuf34mz8Za29X8f4Y_SwgQp1XBoVzFEKMSXNZ1R9DZjUXFPlh7iCkTBrso-yPQsNj2uaPmcdsYz-ORHX

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:13 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
track1.aniview.com/ Frame B6DE 0
120 B 94ms
94ms Ping
text/plain 23.22.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=77643&t=1693427229&cip=178.162.209.131&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=6446608883ac0940fc0b13ca&test=&d64=24135b15bdab25cff54d7bcc05acf2c1&d63=24135b15bdab25cff54d7bcc05acf2c1&aafaid=&proto=http&uid=1693427229279-952420803239-001362-007-007440&cha=0.7&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&d35=&d36=6.2.121&cb=46402511286&d39=&d65=&d66=8.3.17&d74=&d56=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.17&d74=&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&cvid=&cpid=&str=viewable&AV_WIDTH=300&AV_HEIGHT=169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6446608883ac0940fc0b13ca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-92-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 20:27:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A58 0
20 B 116ms
116ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9642617563719&version=m202307240101&ct=76&x=8&cor=2258101414342114300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 117ms
116ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230829&jk=1277819846769102&bg=!PT6lPnHNAAYHwnCgJ8I7ADQBe5WfOKU69Eeii9DbDeRbXuCLjeWYRIylNcQ2Nokhp9RHD-hnvNwBm31veyZEmjILl4MCAgAACVNSAAAACWgBB5kCv_my4NMcpSqWSKOjHk2cZkEZXciNjd3j2A61BDgVwPKhC7t_GnfN3LOeXo2H0rsWcwnCdAiM6nsnXjfqAyQAKCMjlm4E1aFzgqTcNQSx0drsx3EELUgGr79evGJRr76dXIZr3xpLdP2k95G4Sb7Xn8Z7aiZmo7iz0Q0YD7NrzuF-l_RVOTvVDWRm2jEYUPObzjXEaeTOBkp4nxf5HAsJ_lFCEIzhweTYHD6K2y9-DKbDOYskXIN0pAOQCZwBVVuzzgXPHslqDDBnKmWN__YGXuJJ4h3rgp4G_5vq-afx_3mtUbl7HevFaXDQpcKXQ8Sza_etBKsfRClY29VQEKMtkN82YGLRV8ofG-mSeGHKz9_6GCRcFt2SWcwXfzu1s9eymBvgH_KiMCk-q4TPDRVnPKO8fA2WVO5fzIfrdGsASbg2F7HDZYqiklubZN_xyOEQspfDznDhgvTuSwMCpnBZMmKWvY8AMq7f_TaCv79BIMhh8-7Pvh_2eC4BooFFl0J1-bNFXHPaLd06efNiVtWZ2Ts-2Qu0KZ88pUF1AFECW6UAKtvEKVV3hUSQ0nMjyWf9p1185ALhyUO5RQf1jHVGvxG5xrnAxKgdjUU6e5kB8gRvOXhPJjrRxF1afAJa87TmRe7llAHkl0BNS5dWYhx3NcAokN3J-5J52H72J9wruaHv0tRjKiSHCOaZ9uwdgLaydtfXU4X3-9CvjC39UNCsVMLsaE8UTgVTjXVLbu3MYdu7fZ21G4kl87zO1WRFUoCzbR-nWfeQXh2M5DDvZYXJZujZC8rmG8j1gcx_1WlwO1wI6hyDB7u7nScvBGlpM5XafHLbL6fOH2vdHWGToBxXe39-qKLiRGgcEQzvlRnNDOHwVXhTQVrpzXr-7uDRk7bVdrm2YD1yWZsdFJMSE0uW2tucXerXJmvUmJPT5KtmnlI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

POST
H/1.1 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1019 B 477ms
453ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1693427235744&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1544&pt=-565199376&tz=120&viewable=true&ddast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!smbs!t120!ufm_vG!ul3328_vB!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0639e48eb51f4b852cc9a81f238077983348f02d5a3924536eb245408e27ea02

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:16 GMT
Content-Encoding: gzip
Server: nginx
MachineId: 1462
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-bcovery/ Frame 84E2 158 KB
44 KB 130ms
129ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/ultrasurf-bcovery/loader.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d493a4d1c98d1246e9eab5cd820a7c22c4e1b347b52b65097cd5f0311e188ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: OfJV9T1S0325fsv2J1Vt3Tc599NW0RpO
Content-Encoding: gzip
Via: 1.1 varnish
Date: Wed, 30 Aug 2023 20:27:16 GMT
x-amz-request-id: 2QMBHCHVP6Y1FZ3M
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-replication-status: FAILED
Connection: keep-alive
Content-Length: 44109
x-amz-id-2: 7PduDBnA6KRERiBK7sNKI1v3xm6sCj1OaZY0NxP7ryOMnjl+TtfXAYGJ1gEjsIsD/X7iJujWRI0=
X-Served-By: cache-fra-eddf8230055-FRA
Last-Modified: Wed, 30 Aug 2023 09:37:30 GMT
Server: AmazonS3
X-TBL-DEBUG: bestatus=200,beresp=OK
X-Timer: S1693427236.944421,VS0,VE122
ETag: "0bebb7e21a118992bc5aebe0a2ee9f9d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
abp: 48
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 impl.20230830-8-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 84E2 804 KB
167 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-bcovery/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: nQoRCjjgoLejsC0U4vBbL4Rqsc0Bty61
content-encoding: br
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:16 GMT
x-amz-request-id: 25NCCF2SSY4MV7KK
age: 11092
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170365
x-amz-id-2: mFMhg8rQ3cJ8vAxNqYxPhcriAYGLml+ucbCTWTS1sSWo4nBGpl+CsLtTuxgqETBBULTY9/kk4YU=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 09:22:24 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427236.093854,VS0,VE0
etag: "50babf3d0729c17439bdc90bc5fbaeee"
vary: Accept-Encoding
content-type: application/javascript
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5768

GET
H2

200

sync Show response
gum.criteo.com/ Frame 84E2
Redirect Chain

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

46 B
287 B

18ms
17ms

Script
text/javascript

2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Protocol

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 266317
expires: 60

Redirect headers

Location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-bcovery/log/2/ Frame 84E2 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-bcovery/log/2/debug?tim=22%3A27%3A16.185&type=info&msg=http%3A%2F%2Fultrasurfing.com%2F&llvl=2&id=6703&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13511

OPTIONS
H3 200 hourlystat
tempnextstat.bcovery.com/ Frame 0
0 20ms
19ms Preflight 34.117.132.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tempnextstat.bcovery.com/hourlystat
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.132.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 30 Aug 2023 20:27:15 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

POST
H3 200 hourlystat Show response
tempnextstat.bcovery.com/ 1 B
17 B 20ms
20ms XHR
text/plain 34.117.132.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tempnextstat.bcovery.com/hourlystat
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.132.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 20:27:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-bcovery/trc/3/ Frame 84E2 10 KB
4 KB 152ms
151ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-bcovery/trc/3/json?tim=22%3A27%3A16.694&lti=deflated&data=%7B%22id%22%3A505%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%222ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c%22%2C%22uifp%22%3A%222ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c%22%2C%22lbt%22%3A1693388247607%2C%22vi%22%3A1693427228020%2C%22cv%22%3A%2220230830-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%23gsc.tab%3D0%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A180%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A180%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-180x600%3Aabp%3D0%22%2C%22uip%22%3A%22Bcovery-180x600%22%2C%22orig_uip%22%3A%22Bcovery-180x600%22%2C%22cd%22%3A0%2C%22mw%22%3A180%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBcovery-180x600%3Dthumbnails-180x600%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 586a1cac9ff5541142b0d3aa3a06573b5dc911d6e9db16755764128009fb69b4

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 144
date: Wed, 30 Aug 2023 20:27:16 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7479
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693427237.697713,VS0,VE144
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-bcovery/log/2/ Frame 84E2 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-bcovery/log/2/debug?tim=22%3A27%3A16.689&type=info&msg=%7B%22mode%22%3A%22thumbnails-180x600%22%2C%22container%22%3A%22taboola-slot%22%2C%22placement%22%3A%22Bcovery-180x600%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=4766&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18662

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-bcovery/log/2/ Frame 84E2 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-bcovery/log/2/debug?tim=22%3A27%3A16.693&type=info&msg=Bcovery-180x600%20thumbnails-180x600&llvl=2&id=6313&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18662

GET
H2 200 userx.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 84E2 17 KB
6 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-bcovery/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 46MFPVpusEXubZu8LOUmxBi_ATP_T9Zf
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:16 GMT
x-amz-request-id: 2CY3PK2TEXJE5GY3
age: 22110
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: MUPA5RnbxEDy9a2MndKOdLdJAImZaFzpQRLY2uRhaWg4b6KkXDGzJmmbJjdq7HBjcN9iviJkzz0=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 30 Aug 2023 14:18:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693427237.877442,VS0,VE0
etag: "84d9ce4f7b76fbbaa632ca2007cfbd42"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 70
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10461

GET
H2 204 debug
am-trc-events.taboola.com/ultrasurf-bcovery/log/2/ Frame 84E2 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-bcovery/log/2/debug?tim=22%3A27%3A16.861&type=info&msg=Start%20Rendering%20Bcovery-180x600&llvl=2&id=6543&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16819

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-bcovery/log/3/ Frame 84E2 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-bcovery/log/3/abtests?route=AM:AM:V&lti=deflated&ri=bd9b4c5df49ab961d2c2e0cf0375d12e&sd=v2_79fba9a6af11c7ecb9cd31eb72e1a689_2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c_1693427236_1693427236_CIi3jgYQ1excGPS6g8GkMSABKAQwODib4wlAiIoQSPnG2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&pi=/&wi=7029038949508388361&pt=text&vi=1693427228020&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693427236863%7D&tim=22%3A27%3A16.863&id=791&llvl=2&cv=20230830-8-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/ultrasurf-bcovery/log/2/ Frame 84E2 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-bcovery/log/2/debug?tim=22%3A27%3A16.873&type=info&msg=Finish%20Rendering%20Bcovery-180x600&llvl=2&id=8589&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16819

GET
H2 204 debug
am-trc-events.taboola.com/ultrasurf-bcovery/log/2/ Frame 84E2 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-bcovery/log/2/debug?tim=22%3A27%3A16.898&type=info&msg=Finish%20Rendering%20Bcovery-180x600&llvl=2&id=965&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15429

GET
H2 200 07e8b906600c146460a18d32e3116261.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 84E2 7 KB
7 KB 17ms
15ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07e8b906600c146460a18d32e3116261.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88d8c75dec75cda971b37c4cf6813ee73de11b1ace075c30a57ab03c86a0b6f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07e8b906600c146460a18d32e3116261.jpg
age: 1597792
edge-cache-tag: 298445344565469869341698286303018258030,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 298445344565469869341698286303018258030,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 493
req-referer: https://www.tippsundtricks.co/
content-length: 6812
x-request-id: 8c270885342c2f680159791819314b28
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200022-IAD, cache-iad-kiad7000121-IAD, cache-lax10672-LGB, cache-iad-kiad7000071-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 14:54:28 GMT
server: nginx
x-timer: S1693427237.921160,VS0,VE2
etag: "b9ff14feb4c61cc9f033ae505efb65fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 f5347b089c8a41bd84574e3f6a597ec3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 84E2 10 KB
11 KB 27ms
25ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5347b089c8a41bd84574e3f6a597ec3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f19c4163cd98382dc632e86424fc8321a4e1b2e0549406bd9d515c0226674e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5347b089c8a41bd84574e3f6a597ec3.jpg
age: 19150
edge-cache-tag: 561438044100001217268063659559416156455,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 561438044100001217268063659559416156455,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 164
expiration: expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazeta-shqip.com/
content-length: 10380
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100079-IAD, cache-iad-kiad7000056-IAD, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230023-FRA
last-modified: Sun, 30 Jul 2023 08:57:20 GMT
server: nginx
x-timer: S1693427237.921158,VS0,VE10
etag: "6223d461ec5da4c49896e2a6585d446f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1

GET
H2 200 3f5dae7d-b635-49b7-b1c9-0d8522db0f85_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/ Frame 84E2 3 KB
4 KB 23ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/3f5dae7d-b635-49b7-b1c9-0d8522db0f85_1000x600.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e06e6d90c15714a2b292a6e06bf51407df1172a76da0052108de8f09964b525

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/3f5dae7d-b635-49b7-b1c9-0d8522db0f85_1000x600.jpeg
age: 2336387
edge-cache-tag: 427172648075951874875902654904357916702,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 427172648075951874875902654904357916702,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 2732
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100054-IAD, cache-iad-kiad7000123-IAD, cache-sna10749-LGB, cache-iad-kjyo7100085-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 25 Jul 2023 13:44:41 GMT
server: nginx
x-timer: S1693427237.921375,VS0,VE6
etag: "113149e88a8fbc287b305bb5f44c8e53"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 b112bac4-72bd-4f15-9036-ee0012e3884f__sCs8KYPE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ Frame 84E2 3 KB
4 KB 10ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b112bac4-72bd-4f15-9036-ee0012e3884f__sCs8KYPE.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 59f98d102dae58bf3c773c8f2e8e348bd4fee35b1fdb3e2bf532ded50363454a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b112bac4-72bd-4f15-9036-ee0012e3884f__sCs8KYPE.jpg
age: 203280
edge-cache-tag: 609666642092859232359445757773731514616,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609666642092859232359445757773731514616,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 454
req-referer: https://www.jeanmarcmorandini.com/
content-length: 3028
x-request-id: ebfe735278a7f613adaab64751892280
x-backend-name: LA_nlb203
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kiad7000038-IAD, cache-sna10738-LGB, cache-iad-kjyo7100133-IAD, cache-fra-eddf8230023-FRA
last-modified: Thu, 24 Aug 2023 09:48:51 GMT
server: nginx
x-timer: S1693427237.915018,VS0,VE1
etag: "740ca82798ce46d5f23e6079123249ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07e8b906600c146460a18d32e3116261.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88d8c75dec75cda971b37c4cf6813ee73de11b1ace075c30a57ab03c86a0b6f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07e8b906600c146460a18d32e3116261.jpg
age: 1597792
edge-cache-tag: 298445344565469869341698286303018258030,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 298445344565469869341698286303018258030,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 493
req-referer: https://www.tippsundtricks.co/
content-length: 6812
x-request-id: 8c270885342c2f680159791819314b28
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200022-IAD, cache-iad-kiad7000121-IAD, cache-lax10672-LGB, cache-iad-kiad7000071-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 04 Aug 2023 14:54:28 GMT
server: nginx
x-timer: S1693427237.941957,VS0,VE0
etag: "b9ff14feb4c61cc9f033ae505efb65fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b112bac4-72bd-4f15-9036-ee0012e3884f__sCs8KYPE.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 59f98d102dae58bf3c773c8f2e8e348bd4fee35b1fdb3e2bf532ded50363454a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b112bac4-72bd-4f15-9036-ee0012e3884f__sCs8KYPE.jpg
age: 203280
edge-cache-tag: 609666642092859232359445757773731514616,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609666642092859232359445757773731514616,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 454
req-referer: https://www.jeanmarcmorandini.com/
content-length: 3028
x-request-id: ebfe735278a7f613adaab64751892280
x-backend-name: LA_nlb203
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kiad7000038-IAD, cache-sna10738-LGB, cache-iad-kjyo7100133-IAD, cache-fra-eddf8230023-FRA
last-modified: Thu, 24 Aug 2023 09:48:51 GMT
server: nginx
x-timer: S1693427237.942650,VS0,VE0
etag: "740ca82798ce46d5f23e6079123249ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5347b089c8a41bd84574e3f6a597ec3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f19c4163cd98382dc632e86424fc8321a4e1b2e0549406bd9d515c0226674e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5347b089c8a41bd84574e3f6a597ec3.jpg
age: 19150
edge-cache-tag: 561438044100001217268063659559416156455,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 561438044100001217268063659559416156455,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 164
expiration: expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazeta-shqip.com/
content-length: 10380
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100079-IAD, cache-iad-kiad7000056-IAD, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230023-FRA
last-modified: Sun, 30 Jul 2023 08:57:20 GMT
server: nginx
x-timer: S1693427237.955806,VS0,VE0
etag: "6223d461ec5da4c49896e2a6585d446f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/3f5dae7d-b635-49b7-b1c9-0d8522db0f85_1000x600.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e06e6d90c15714a2b292a6e06bf51407df1172a76da0052108de8f09964b525

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 30 Aug 2023 20:27:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_110%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/3f5dae7d-b635-49b7-b1c9-0d8522db0f85_1000x600.jpeg
age: 2336387
edge-cache-tag: 427172648075951874875902654904357916702,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
cache-tag: 427172648075951874875902654904357916702,347598178143381575381763295327311295679,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 2732
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100054-IAD, cache-iad-kiad7000123-IAD, cache-sna10749-LGB, cache-iad-kjyo7100085-IAD, cache-fra-eddf8230023-FRA
last-modified: Tue, 25 Jul 2023 13:44:41 GMT
server: nginx
x-timer: S1693427237.955968,VS0,VE0
etag: "113149e88a8fbc287b305bb5f44c8e53"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H2 200 flickstree_combine_content_17_06_231.ts Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 1 MB
1 MB 24ms
23ms XHR
video/mp2t 138.199.36.7
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/flickstree_combine_content_17_06_231.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-7.bunnyinfra.net
Software: BunnyCDN-DE1-1047 /
Resource Hash: 2d9ab926c4b29188b963130147509a7b285bb3f8b4a7ea2f1e948665675d54c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 30 Aug 2023 20:27:17 GMT
cdn-edgestorageid: 860
cdn-cachedat: 08/09/2023 09:26:06
cdn-pullzone: 1464120
content-length: 1136084
last-modified: Tue, 18 Jul 2023 10:07:19 GMT
server: BunnyCDN-DE1-1047
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 738e78ffb2e39b8c110de3303d41788f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-bcovery/log/3/ Frame 84E2 0
346 B 16ms
16ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-bcovery/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 30 Aug 2023 20:27:17 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7552
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
server: nginx
x-timer: S1693427238.899925,VS0,VE9
content-type: image/gif
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-bcovery/log/3/ Frame 84E2 0
63 B 17ms
17ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-bcovery/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 30 Aug 2023 20:27:17 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7551
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
server: nginx
x-timer: S1693427238.901987,VS0,VE9
content-type: image/gif
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 84E2 254 B
1 KB 8ms
7ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date: Wed, 30 Aug 2023 20:27:17 GMT
Via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
Age: 21599
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
X-Served-By: cache-fra-eddf8230055-FRA
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1693427238.918265,VS0,VE0
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type: image/png
abp: 12
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11043

POST
H/1.1 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1016 B 68ms
67ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1693427238745&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1544&pt=-565199376&tz=120&viewable=true&ddast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!smbs!t120!ufm_vG!ul3328_vB!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e2c1a957b6b07aaee9d08176a52947c0636371d959c576f94c6ecda13e2adccc

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:18 GMT
Content-Encoding: gzip
Server: nginx
MachineId: 1489
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 84E2 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:18 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 2475
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693427239.861796,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 6
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 11951

GET
H2 200 ifs.js Show response
cdn.taboola.com/scripts/ Frame 84E2 2 KB
1 KB 9ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/ifs.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e17075cf2f747253cb3c737891be0f417b8f4330ddab9d53013bdd4ebca568ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hHYTz8VC1WtMBCSsI42K1YQZ3IXPhs3V
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:18 GMT
x-amz-request-id: KKZE0W22J1Q7ZPPB
age: 19798
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 988
x-amz-id-2: F3ExyTtzzLXbbwz7WQILBmBt6cjE6RenLxc+8NkWagS7KTru7zRUQmU5Zesa1HFzMZoAEXa9Ges=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Sun, 12 Mar 2023 12:23:45 GMT
server: AmazonS3
x-timer: S1693427239.862408,VS0,VE0
etag: "93d5bb91c9a48c4edbc164a65354b00c"
vary: Accept-Encoding
content-type: application/javascript
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 15528

GET
H2 200 cwc.es5.js Show response
cdn.taboola.com/scripts/ Frame 84E2 743 B
647 B 10ms
8ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cwc.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: IYbtgS7TGj76rfUv8k6SvppRdu.fLwnH
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Aug 2023 20:27:18 GMT
x-amz-request-id: 6F9CVK5C8W7H262W
age: 20921
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 405
x-amz-id-2: bYmU3EUXu+5HUNVe9DmRLL+ljjq7NCqn56rZ5XuNqNAB9lG/BJh2wPScThMy4K3jxPpNQz2JoZw=
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Mon, 18 Jul 2022 11:56:22 GMT
server: AmazonS3
x-timer: S1693427239.862532,VS0,VE0
etag: "c7297e1aade4377754403b305af75d61"
vary: Accept-Encoding
content-type: application/javascript
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 10324

GET
H2 200 / Show response
pips.taboola.com/ Frame 84E2 64 B
122 B 7ms
7ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 2fbdaf97983d1058e465d55986bfad0dbacfa69a932de1593fed8980573f8b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230041-FRA
date: Wed, 30 Aug 2023 20:27:18 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 / Show response
tsdtocl.com/ Frame 4538 786 B
1 KB 32ms
9ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tsdtocl.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 819
content-length: 786
content-type: text/html
date: Wed, 30 Aug 2023 20:27:18 GMT
etag: "fb5a4594b9ffef704d61bb6e6f80f145"
last-modified: Wed, 05 Jan 2022 19:36:57 GMT
server: AmazonS3
via: 1.1 varnish
x-amz-id-2: j+S9y/AskIf0AU324ogEYR/qYD5SZFoGeSO6dw70LYM37rt07/TSUnMMnsWEammvKyqMjZT7mIU=
x-amz-replication-status: COMPLETED
x-amz-request-id: NAYQ7SJKHQHFDE93
x-amz-version-id: Qk4nobcRRphLiqVWi0NeSs0dand8kap0
x-cache: HIT
x-cache-hits: 446
x-served-by: cache-fra-eddf8230064-FRA
x-timer: S1693427239.909746,VS0,VE0

GET
H2 204 / Show response
cds.taboola.com/ Frame 84E2 0
82 B 257ms
85ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c&uad=f88018ccd0130d185511681a282284d4f797f33d76715b44b3ebea7e6d349dfc
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 20:27:19 GMT
cache-control: no-store
server: nginx

GET
H3 200 SpriteSheet-1.png
s0.2mdn.net/sadbundle/69296281403821291/ Frame 44DA 51 KB
51 KB 14ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/69296281403821291/SpriteSheet-1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f5a2bfb90701e8fb4339729c5b8d4643988427cbfbefd5d81a347c073a4b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/69296281403821291/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:31:02 GMT
x-content-type-options: nosniff
age: 550577
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52195
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 10:54:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:31:02 GMT

POST
H/1.1 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1019 B 78ms
78ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1693427241748&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1544&pt=-565199376&tz=120&viewable=true&ddast=V8PEoCLAZktfHuEg3UTRDIauPdJRqomygAAABgYID-AEktZsvhzDNZK5y7iVu0WVncyoVh45bsRsOJyeEbTlarISCpxWw5nHkma4VzN3GLNiuLW7kwbNyS3Wg4MTl8w8lqNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxeFA_B6j32z6BwAAAAAQAAAAACQABgy_SwBQdE2e-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6G4OH2DEBQxCoRKRguwggAAACArGj04JFJOkHFosr__3-_FYArAAABikgg3oVZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-Ucj9KQXngao2gNXzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdRJosNlMFrPVcHYAAAAA7vz____rARnXyuMZbFa-4XI3nFlci8VoNtgMR6aJbblZDIfb4360cZPOvOjWJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVsgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYysHKblyuZaa0a2wVo022zcCpdv5NYYlsvRaDczDie2tej1MV1czsnEufEiwQCUvUieFulE41sOFrvZyrHbDSYew2Q53Lgmq93KtBlNPKbNcCKWaE4W6UR22XdcK49nsFn5hsvdcGZxLRaj2WAzHJkmtuVmMRzuKyuHabmyudaakW2wFs02G7fC5Ru5NYblcjTazYzDiW0ten1MF5dzMnFu_I3ZcjOa7CaT4b4xW25Gk91kMtx3mEzP1OdsFNdyEo_Qqe2MO66b06BwGSzen8S0mHZnB9PJd3QKdR9lUWf0-_1-v9_v9_v9foPWczAbFL5v2W_UrcXmYHFzMIgNBkUsEVykE9XZdHl4XpebW3U2XR6e1-VmEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcPsRvOFbPJXDJYzhWbxSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBQMUeuFHrh_AhyOBvtH4AKsVar1e3GWq1WwIIZDnbDCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!smbs!t120!ufm_vG!ul3328_vB!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0639e48eb51f4b852cc9a81f238077983348f02d5a3924536eb245408e27ea02

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:21 GMT
Content-Encoding: gzip
Server: nginx
MachineId: 1431
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 1 KB
920 B 93ms
14ms XHR
application/json 185.89.208.11

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 -, , ASN (),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 2fa9f8cc9fa131263818ac4734479ca47667eb60f80d392b012fb62ab0440789

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:22 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 dc_oe=ChMI2cnwg5yFgQMVbpCDBx0iRQ4gEAAYACDz3PRdQhMIkZT6gpyFgQMVeJKDBx2VzQ-f;met=1;&timestamp=1693427242775;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame BF54 42 B
401 B 239ms
130ms Image
image/gif 172.217.18.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2cnwg5yFgQMVbpCDBx0iRQ4gEAAYACDz3PRdQhMIkZT6gpyFgQMVeJKDBx2VzQ-f;met=1;&timestamp=1693427242775;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consen...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_...
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=4a6311d0-d0ad-4dac-a636-c782121d275e

43 B
991 B

218ms
203ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=4a6311d0-d0ad-4dac-a636-c782121d275e

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
an-x-request-uuid: 9da47a22-7f65-4d04-8aa9-0297bf2d8cba
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=4a6311d0-d0ad-4dac-a636-c782121d275e
date: Wed, 30 Aug 2023 20:27:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dc_oe=ChMI-cr6g5yFgQMV9ImDBx0c9gbVEAAYACD__4BeQhMI_6P8gpyFgQMV0ZmDBx3Y-gtD;met=1;&timestamp=1693427243059;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5A58 42 B
107 B 131ms
129ms Image
image/gif 172.217.18.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-cr6g5yFgQMV9ImDBx0c9gbVEAAYACD__4BeQhMI_6P8gpyFgQMV0ZmDBx3Y-gtD;met=1;&timestamp=1693427243059;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pbsync
ads.yieldmo.com/ 0
34 B 34ms
33ms Image
text/plain 18.200.206.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.206.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-206-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:23 GMT

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526...
https://prebid.adnxs.com/pbs/v1/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6594705022417687362

86 B
680 B

17ms
16ms

Image
image/png

185.89.208.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6594705022417687362
Protocol: HTTP/1.1
Server: 185.89.208.11 -, , ASN (),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Server: nginx/1.21.3
Vary: Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
an-x-request-uuid: 65346104-30cf-4c98-b0fe-3153353cf30d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=6594705022417687362
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
214 B 96ms
95ms Ping
text/plain 54.86.248.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://track1.avplayer.com/ctrack?pt=2&d66=8.3.17&d74=&stagid=644662fd5e555cc28b0f44a5&stplid=6446624c6225dc6f8f064258&pid=6446608883ac0940fc0b13ca&cid=6446621c2b382b7b120d03d3&r=ultrasurfing.com&sn=&cd1=&app=&test=&cb=1693427242837
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: HTTP/1.1
Server: 54.86.248.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-248-253.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 30 Aug 2023 20:27:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame FA05 0
176 B 93ms
20ms Document
text/html 34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 30 Aug 2023 20:27:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

204
No Content

/
ce.lijit.com/beacon/prebid-server/ Frame D7F6
Redirect Chain

https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3D...
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3D...

0
0

88ms
21ms

Document
text/plain

216.52.2.91

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Wed, 30 Aug 2023 20:27:24 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

Content-length: 0
Location: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6BEF 3 KB
2 KB 71ms
15ms Document
text/html 172.64.149.180

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 382
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7fefc6301f679956-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 20:27:23 GMT
expires: Thu, 31 Aug 2023 00:27:23 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 88FC 0
80 B 21ms
20ms Document
text/html 34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 30 Aug 2023 20:27:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 pbcas
ads.yieldmo.com/ Frame BCAB 0
0 44ms
44ms Document
text/plain 18.200.206.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.206.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-206-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 30 Aug 2023 20:27:23 GMT

GET
H2 200 pd Show response
digikulture-d.openx.net/w/1.0/ Frame 3747 0
80 B 66ms
22ms Document
text/html 34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://digikulture-d.openx.net/w/1.0/pd
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 30 Aug 2023 20:27:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4C49 281 B
554 B 11ms
10ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 20:27:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E2CE 52 KB
17 KB 64ms
7ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 49933
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Aug 2023 20:27:23 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 311, 344367
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230100-FRA
X-Timer: S1693427244.556322,VS0,VE0

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 10ms
9ms Image
image/gif 18.159.70.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.70.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-70-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4C49 34 KB
10 KB 9ms
8ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 20:27:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61208
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:27:31 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame D049
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

11ms
10ms

Document
text/html

185.80.39.216

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ddca090351b1fdb78ef5e40b35a471ec96b143711570738f27ff456704fd7a37

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1816
Content-Type: text/html
Date: Wed, 30 Aug 2023 20:27:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Wed, 30 Aug 2023 20:27:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E2CE 0
597 B 11ms
11ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
an-x-request-uuid: 83749886-49b0-47d8-ab5e-af06c635dd2e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D049
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO.mK1sF5SF92-5OONFJZQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMF4OhRt2Yy1RvBOmwchbkQ&google_cver=1&google_hm=2

43 B
632 B

13ms
12ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMF4OhRt2Yy1RvBOmwchbkQ&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMF4OhRt2Yy1RvBOmwchbkQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D049
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJysxdlytLRb01VGyi2Qdx4&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJysxdlytLRb01VGyi2Qdx4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJysxdlytLRb01VGyi2Qdx4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D049
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

119ms
118ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F59T8GQKN6AD0H3XB1M0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P3F3FJKH6JGRMQ0A0S80
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-mK1sF5SF92_5OONFJZQAADJIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D049 70 B
264 B 38ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D049
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0832f0fd-eae1-7c12-5b14234f

43 B
632 B

10ms
8ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0832f0fd-eae1-7c12-5b14234f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

date: Wed, 30 Aug 2023 20:27:23 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0832f0fd-eae1-7c12-5b14234f
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H2 200 bridge
cm.adgrx.com/ Frame D049 43 B
283 B 144ms
31ms Image
image/gif 64.95.96.108

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-10
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D049
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=C1FURlxTAEIQVlcSCFQcFApUA0YQVQkTCAPbShKA

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=C1FURlxTAEIQVlcSCFQcFApUA0YQVQkTCAPbShKA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=C1FURlxTAEIQVlcSCFQcFApUA0YQVQkTCAPbShKA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D049
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
632 B

19ms
18ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 20:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Wed, 30 Aug 2023 20:27:23 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame D049 43 B
352 B 61ms
17ms Image
image/gif 104.18.38.76

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZO.mK1sF5SF92-5OONFJZQAA%263218
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fultrasurfing.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:27:23 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 3792
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fefc6318c419bd6-FRA
content-length: 43
expires: Thu, 31 Aug 2023 20:27:23 GMT

POST
H3 200 hourlystat
tempnextstat.bcovery.com/ 1 B
17 B 20ms
19ms XHR
text/plain 34.117.132.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tempnextstat.bcovery.com/hourlystat
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.132.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 20:27:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8

OPTIONS
H3 200 hourlystat
tempnextstat.bcovery.com/ Frame 0
0 19ms
19ms Preflight 34.117.132.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tempnextstat.bcovery.com/hourlystat
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.132.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 30 Aug 2023 20:27:23 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 async_usersync
ib.adnxs.com/ Frame E2CE 0
597 B 11ms
10ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 20:27:24 GMT
an-x-request-uuid: 3c097912-3737-4419-a2dd-dc2fc5199684
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=8.7.0&coppa=0

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&src=aps&ver=1.0.1

Verdicts & Comments Add Verdict or Comment

478 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quantserve.com/	1970-01-20 23:54:01	Name: mc Value: 64efa61b-3f251-4712f-0835f
.ultrasurfing.com/	1970-01-20 23:48:16	Name: __qca Value: P0-1720539201-1693427227141
.ultrasurfing.com/	1970-01-20 23:59:47	Name: _ga_Y4YW22RJ0K Value: GS1.1.1693427227.1.0.1693427227.60.0.0
.ultrasurfing.com/	1970-01-20 23:59:47	Name: _ga Value: GA1.1.1504099132.1693427227
ultrasurfing.com/	1970-01-20 23:09:23	Name: _uc_referrer Value: direct
ultrasurfing.com/	1970-01-20 15:06:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.clarity.ms/	1970-01-20 23:09:23	Name: CLID Value: 82417a2cb081444c82dff2859335575e.20230830.20240829
.rubiconproject.com/	1970-01-20 23:09:23	Name: khaos Value: LLY6UJM8-K-7D0W
.rubiconproject.com/	1970-01-20 23:09:23	Name: audit Value: 1\|naVuGyos1qpQN+sJtpr9yS+IXqvPVzt4X6LBWwGzep07cZe5xyGZWSiZwsbp794m9o4CW9FCQy2O1cY3TuAeAUgcdj94p/MzWYYnoWsmBosijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
ultrasurfing.com/	1970-01-20 14:23:50	Name: _lr_retry_request Value: true
ultrasurfing.com/	1970-01-20 15:06:59	Name: _lr_env_src_ats Value: false
ultrasurfing.com/	1970-01-20 23:09:23	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D2ea49ef5-3d60-463c-ae7d-c099447f88b6-tuctbe92b9c
.liadm.com/	1970-01-20 23:59:47	Name: lidid Value: 36529130-d3de-40fc-8b9e-a5a9899f2db3
.ultrasurfing.com/	1970-01-20 23:09:23	Name: _clck Value: 740kbq\|2\|fel\|0\|1337
.bing.com/	1970-01-20 23:45:23	Name: MUID Value: 26F204B8FFCF6B4D3ECA17C5FE1D6A43
.c.bing.com/	1970-01-20 14:33:52	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:45:23	Name: SRM_B Value: 26F204B8FFCF6B4D3ECA17C5FE1D6A43
ultrasurfing.com/	1970-01-20 14:25:13	Name: pbjs_li_nonid Value: %7B%7D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:45:23	Name: MUID Value: 26F204B8FFCF6B4D3ECA17C5FE1D6A43
.c.clarity.ms/	1970-01-20 14:33:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:23:47	Name: ANONCHK Value: 0
.ultrasurfing.com/	1970-01-20 23:45:23	Name: __gads Value: ID=6eadb75a0a02adc0:T=1693427228:RT=1693427228:S=ALNI_MYgbhGZ_JBVqqIpfODRil5gwKuhjA
.ultrasurfing.com/	1970-01-20 23:45:23	Name: __gpi Value: UID=00000c6b9236ea69:T=1693427228:RT=1693427228:S=ALNI_MaFQA8tqOcZJk7QWHIMcsDZnfXrEA
.doubleclick.net/	1970-01-20 23:45:23	Name: IDE Value: AHWqTUnclmAolWiKjJ-mdDlTuo0hn2UvNti-vnXufzsldNAKAcQir1-p-q9z5-zG
.aniview.com/	1970-01-20 14:52:35	Name: aniC Value: 1693427229279-952420803239-001362-007-007440
.doubleclick.net/	1970-01-20 14:23:48	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 18:42:59	Name: APC Value: AfxxVi7O_yQC-M-pboINv7YUNXZrapqIy7dUVecNeZr3QcDmw5Lz7w
.ultrasurfing.com/	1970-01-20 14:25:13	Name: _clsk Value: 1ck93ju\|1693427229972\|1\|0\|p.clarity.ms/collect
.yahoo.com/	1970-01-20 23:09:44	Name: A3 Value: d=AQABBB-m72QCEKq95DUESCn-RMg0qIuWUG0FEgEBAQH38GT5ZAAAAAAA_eMAAA&S=AQAAAs7OyM4a3WIUawri-tEg_BQ
.linkedin.com/	1970-01-20 23:09:23	Name: bcookie Value: "v=2&bd57b67a-3cea-4988-8fe2-1731b9232281"
.linkedin.com/	1970-01-20 18:42:59	Name: li_gc Value: MTswOzE2OTM0MjcyMzE7MjswMjHZmWcFvmqsANp0fZJApRgcivcul9RMoqcRIjs4pZLu0A==
.linkedin.com/	1970-01-20 14:25:13	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2947:u=1:x=1:i=1693427231:t=1693513631:v=2:sig=AQEOz9d2zy5-EgN2E8uGs0KShzBwl6YB"
.googleadservices.com/	1970-01-20 16:33:23	Name: ar_debug Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://ultrasurfing.com/#gsc.tab=0 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-8502237298656009&fa=1&ifi=5&uci=a!5&btvi=1&xpc=bc3iRbb2zL&p=http%3A//ultrasurfing.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.yieldlab.net
ade.googlesyndication.com
ads.yieldmo.com
aegis.anonymised.io
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
be2c1f179d76745143641655abc4339e.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
cat2.hbwrapper.com
cdn-ima.33across.com
cdn.adpushup.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.playstream.media
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
clients1.google.com
cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cse.google.com
digikulture-d.openx.net
dm.hybrid.ai
dmp.brand-display.com
dsum-sec.casalemedia.com
e3.adpushup.com
edge.quantserve.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.playstream.media
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imprammp.taboola.com
increaserev.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lockerdome.com
m.exactag.com
match.adsrvr.org
p.clarity.ms
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid.adnxs.com
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.anonymised.io
stats.g.doubleclick.net
storage.googleapis.com
sync.adotmob.com
sync.taboola.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tempnextstat.bcovery.com
tg1.playstream.media
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
track1.avplayer.com
trc-events.taboola.com
trc.taboola.com
tsdtocl.com
u.openx.net
ultrasurfing.com
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.clarity.ms
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
lexicon.33across.com
104.154.142.214
104.18.38.76
13.224.192.181
138.199.36.7
141.226.224.32
141.226.228.48
141.95.98.64
142.250.184.226
142.250.186.130
142.250.186.98
151.101.1.44
151.101.129.44
151.101.193.108
151.101.193.44
151.101.65.44
162.19.138.118
172.217.18.98
172.64.148.101
172.64.149.180
172.64.152.89
18.159.70.92
18.165.201.65
18.200.206.93
18.203.189.31
185.183.112.148
185.80.39.216
185.86.138.154
185.89.208.11
2.19.85.30
20.122.63.128
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
209.191.163.208
216.52.2.91
23.205.176.78
23.22.92.111
23.35.233.75
23.97.225.52
2400:52e0:1e00::1075:1
2600:9000:223c:1c00:6:44e3:f8c0:93a1
2600:9000:223c:5c00:6:44e3:f8c0:93a1
2602:803:c003:200::27
2602:803:c003:200::31
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:20::681a:17e
2606:4700::6810:5514
2606:4700::6810:84e5
2606:4700::6811:190e
2606:4700:e0::ac40:6612
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80b::2010
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a02:2638:d::d
2a02:26f0:2c:2bc::2c79
2a02:26f0:3000::170a:f969
2a02:26f0:780::210:ca41
2a02:fa8:8806:13::1460
2a04:4e42:400::300
2a05:d018:d29:3605:f821:c088:dfda:b5f7
2a06:98c1:3121::3
3.210.209.86
3.64.142.32
34.107.217.107
34.117.132.248
34.160.19.107
34.98.64.218
35.227.252.103
35.71.131.137
37.157.4.28
37.18.16.23
37.252.173.215
46.228.174.115
52.18.110.117
52.222.209.4
52.46.151.131
54.211.96.115
54.86.248.253
63.32.5.54
64.95.96.108
67.220.228.200
68.183.18.251
68.219.88.97
69.16.175.42
69.173.144.139
72.246.169.246
8.43.72.97
85.14.248.72
016a592f00170a77e5037f43bf391a6f1b15913934f618e17cdcdd644b8853b8
019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6
03293e996cb7e1e98e2d39f5b5add0bdcd77fdb8d4ea63339e652fa2008afbde
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05adb1a8ab31ced159adf8401bc91d0c28dc75777423ea84358b9565147b5925
0639e48eb51f4b852cc9a81f238077983348f02d5a3924536eb245408e27ea02
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074707ddccdd3ddae836df447e5cd3878e37104388431b3bc02b7f1081749aa9
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9c2d916d745897ba3df251cd6265b30a7bbdd11a68871099ed4b4b9588a361
0c4b85f7490fcc3d9049fd04a57cdaaf0202a0846ae37c45f27bdd4f8b12c1e6
0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114
0d493a4d1c98d1246e9eab5cd820a7c22c4e1b347b52b65097cd5f0311e188ae
0dddf70bf2b14c632451818b83903ea27697678f084157eb2084e7b36a4b7e16
0e6ed2edf25d329b12e223260eec4eced66497095de78869e27d5a0e76b073a7
0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f
116c470561f08bc0c384f9306f59865db7fe8c0c2efc7b2435ecbb4417130fd0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
138e31d25e30bcde8106c3c00336df7bf2e02ff4e7465c03d2007bc6800cd610
1424cde52646c5adabd24e661a983586e0cd022f2ac35e40079f94a61c83f13c
159fb301ff3b3fe5835e4cd6cbf5e2e9c8269d8a2c59419622b7dbb6beed03b8
15bfe024c6901e652462c628893e39356741b7ef95b174887dff58dba2d2ec72
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
196cd00c896a1bb63d36e82154a29945a89736829cbd087edff795bb761f41d6
1b6bf70385dbfb38591fb8fa9d3ac00743f4dbc7c94671cd96d4e32cdebec601
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e34222b88bb8dd60c1200d0422c58749ca77f9bd11f914adfa547112b594a0a
1ed09e05dd4c0cb72ba7fe32de99209fd1d11c8ad2d64754e5a1b21592864c9a
1ff9c4689c626ddbcae332e42ab9b01e9fd3691fdf5fa4ffe0a73c9e69e61ff5
24095533dbae557b1bd3382e30fc3757cca99461f6e750d91b53e97dd71acd70
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2795c2555cc2103629f87ecf1c1950d3dcc014eec08fd22f52894965dbc29922
2b0a9f799ed53e375ae24c1aa0e30fe55e9b72cca8f09400a8d7f9c5969073b0
2c0f396665f3785d81c663f06089447a2f0e13c296f58407b2ede914c198b967
2d9ab926c4b29188b963130147509a7b285bb3f8b4a7ea2f1e948665675d54c4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3296182be09672399fa3719de3d1a6a95e1bbd1f216efc9ae108128300e809
2eadf86ab162e1d578164338aea12323e59534a9d43fbd526d609a667965003d
2ef4131bd06fab5d5248732f9739d8de273f439a463e008b05bf7a6f599474e7
2fa9f8cc9fa131263818ac4734479ca47667eb60f80d392b012fb62ab0440789
2fbdaf97983d1058e465d55986bfad0dbacfa69a932de1593fed8980573f8b2b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cd984132d7355a3d3c7a7484ed49897d09384e0fdb1cced32c7c3cb7620688
32509e0b99553fc1895491487bebfa0bab83543f145156ad14ee3d3fd4a32734
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
354f063b7b17c691db2b5f70d15f8d09aea7c7728dd98ca682aeb83d85455fbb
3687ad35bebbe9b7c32c51f353237548ad315007e7c768b2f228aa69b1d010f5
37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44
389067ab18faff869d6db8acea50f4292632eb33f3547918a4ac00d95434b24f
3964e306d6b67165ac73c35d1da6dff273cb8e6f51a3fa4a615582a2a637026d
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b4d5d2515121b6edf64cede21340a8f9fec8b04371f1b04b07765aecf70f00a
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f5a2bfb90701e8fb4339729c5b8d4643988427cbfbefd5d81a347c073a4b7a
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
424567d8566edafd66d521705cd70cce6eceb8a18a8da035e6ec4d74dd4583c7
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47bd7e9b5b5d775399dd26950d1113c12c5562b72eb74ee1cfc45644075e8b40
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4bd0a81018f1b3e605c1cffc215ae9ded64845860d99e4c034f81c8e45bdaf30
4c085d36eb3f96c469413e0edd223f949ae37c78373d1cfcbeab0d48252663af
4d2a132ef6738626fc7f481db2ae94e5a01c13013090dee66370944dd80aa22c
4d3c20e0c23af2e126af2e85cba7fd6f7ff72b738eb9eede07f74d0f824fa533
4e06e6d90c15714a2b292a6e06bf51407df1172a76da0052108de8f09964b525
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5082292c1a975e6b462573ba5739f209a3fdf334e327fdac894241ceb92def25
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
517f843f60ee886ad8a08a47e203a77b27ca99a683cdd3306ed61de307badd6b
51d50e35fef162329c65f20917c771ddefd3fd26d7662d2332e119d9181353f3
531aec0ab20ed5fd32b06dfa565c7edfc1f406a5e6cc38ffe3499fbde4339186
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9
535520dc8857dfcf9610d361f99e9d419786585dda328a3f6635eba5982803d4
53d2024ea85892bc55360668102bae5e75721a529e81534124a3feceedff6047
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549b0d45dfe1adef0f4412220c9e7b22ea9aff17db7545eb0534182a8f8d3ed0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
5730c7d2ccee1dbe00f07bcd36df2223be8ac45b200d9f735fbd1a0e8edd3549
586a1cac9ff5541142b0d3aa3a06573b5dc911d6e9db16755764128009fb69b4
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
59f98d102dae58bf3c773c8f2e8e348bd4fee35b1fdb3e2bf532ded50363454a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5de76ff60eda0bfa1c2f0e340e7adfec5b207928469ad3ad7061f45cac0a691b
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
604ad422181a0211b06527f1a9ae9636d5c72de49d436852f991e3e0cab6c19d
609c6799630ec0463d0cdac97b62685df6561709429a2986add330b727889e52
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e1420ce4693d6b716a3ccf1f7d3d79b7815408a5429788f99a9544e5edce1f
65f6c88fb82562815e260ea6540818a842016976a36f6512a7982f69647528e3
67f56cd18729bc8197080c7bf7b3a8c9776084b94fcb71ef06bb2dd61980fe9c
6929bbe411ea16e17cac6b34da944610a1cb34353c4244a36a3dcaf468728a12
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0
6cff6d9f940688d8d51b43afdc695b22b4e802561dd01518d7592964695aa545
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6ed654d864a83081f65642d7c153595a722b58a0ab5776dba72f2c767b41930f
7006a8b11a3abeda99bfb74de1bc8ab8d57cc63c70262b8e37f377a43eb66468
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979
723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75c6b260fee00db1fe67db954b335fcb5f19f4d339f33ba1228b90a54ea88042
771e3714923ae27dfa0581072f76fa16591231b5197a221f3821a1b750d088c2
778319b7c44a80f93d8a77153230f24649c02832d735a8e94b8c7d3edff9bff3
781090a17e7ef134a15d1eb6deec4a6cb312eba2eb7b76122688559d7664a608
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b5d350f36eb48c50916b00bba9e9a43eef7069a8d3cc4ced1442286a2f74d75
7bdc4d6cd624c03a9741dab9d074526f31cb01f4f4708f460e4b75b2dbf2243a
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
801e40ebea53d1df257fd8917c03e7dc915e6bcdc51fb4d4a4362687b16b4abb
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
811711eeb656a073ef95b8c2b5e691e639e5158017f353a8f7ad5f510ee4d4eb
8242ba0aa2a17ea915e40ee13bf6624a431603866a6487fc529842ce5ae52547
82c81e09b6f0d6b908acc5ddb9157178675515a231746e5cd918772aae34c881
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
838428441c139fbdb2f8976608fb144594cf3393af579f8dfc4a4be1bd7cfe9b
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84c17d4f4d7d1cdd1ff154da5cc0bd963917a767772f75ab8f13995927d38671
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
88d8c75dec75cda971b37c4cf6813ee73de11b1ace075c30a57ab03c86a0b6f9
89424ef5012aa28287695f3d89b6acdb4c65c9319bb96121e827b2e56daa2312
8946f10e815e5128da9f5a8cc749164d7319fac36c06195fc3251a1fcd0eed94
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a5718af3b191853cb0e4adc070983f02d6dd3d85233cff49ddcc42a7397d1c7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8f2bcfeeeebcddc92338e4d5a0989ce5599e70bbf5962a6003ca9beeacdd7bab
90b8bc34034fb3394a913ac3bfc9ecda19163ab8b561e7e6d325f3536247134b
927bed48bae33fffc84731fe9e8bfcf7a0bf3f4e414a9bb961e88b1f76008c4e
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
95cd0c0f4ec29744afef0d2b001f3affe95419106afff4f93339574c9067db51
972a75985f4638e8b61493a94d3b6fde1650bc824af40ded0b21c3bf66354b31
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b8bb67925974d6043d895b9dd8c9a71d2657dc623f35b2e6af425868a79bea4
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
a0315833d2639cb577802d0f0e001e59e46b1460eb43be72202dd29f11ae4d93
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1eb77383fab9b45bb95a5289a2d0134372a09dd20647d5a2e25e88d1cdb2087
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a312a942fac398f71b8ad4dbfdb25253c442a8ab8e97ad512ef7fc0c1cb9623f
a5549c9c67a7cad381c4ffada85380ac8835fe744da9018a6eb8517acc826b60
a6c3c5ac5900e2fdeeea6e3c9514871617b72608b224e33f329b0b4d8e91a85f
a7a01aaf1f5b48587bb8a6510e18567b916c8377d1dc944010eccdb3ebdc52b6
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
af768919546c8a98d8fb6feb35c23509cb9b0888b917d22c7a3875a5b20d47e1
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b3a4198aac2107c45dc0d5c25bb2e1ad3420efc9fcc02cd7c2fe7cfee0d2b880
b6c3bd8a7d3f322d920f9c7a2b90145096582526846890a1d0796cce530fa1af
b86e678f724241714425a98d49c80fcdee4cf52b93c913b56ae403d2e423d3e4
bac6f567edb41bd88ee92307a57cb5d53f535cc0337fb2a975e610af79a5fa4a
baccaefe0e5b3ac7623309c683e8ef1b7dd95c99fe756891cbb2aa872b5e716d
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48
bee838dec619ff999d7a4f45b7dfd81cdf9353fcb25d0798eb722ec21bb19405
beec77cabd1f6d0a6d92ec4c08932be28c5a9503a8bc27ce101870cc7f75d806
bf3c58f05c377aa71cb7be265c9d8fff29cddb706a19f855f0a0a47be5dbb848
bfcf124e3ffd8d865dc60f4779a1ff8d848ce7de980d40e7f1a5d55bbb3753b6
c0897c46b4e0e8afa0155063ac17f661448f11f08bc0707c9d7bd1c4f31f01d4
c189285a3ad1c081921179be99780df43335415a1abec35f2623a4f996b54169
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c738e047085f0ee702cde018514fad015930a330f28e76b6133d792008b066
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3ea1b6cc32fcbef280138e6a3ca1cdcb85f8ff2e3cf8155cb996bb6b7587d7b
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af
c889b76feefacf087bb4cf0edf4469f3e790e7a1d831a66104896e283a2c7da4
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
ccdee1a158c13c6490d73f4c6dcecdc75f8707a7879fcdb072d49aec9bb38320
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d09d7bb539b0c42c29407162cf0ed6b7adf619ce1d037a530a15167e191cc784
d210680b84e1c45fcbf0910f0402d8e36764b65a08da5e6529ded4473abfeb91
d29376f388021cc3596a91eb1a1a83ecf97a3354350f34e31a050b02a2e756b4
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3f749e6203f8632c75244e00dd1b705552026eedfe746e06c580e2c791482a5
d4115c2027ebdab3d17a168a56b4d61931023a624abaca938ba90d5c1f31cbfb
d543eaa7132025303bca4abd20adaf5c23b12d978e3dc3ea8e13b7bc9af9b544
d58865ad4456470b7b3bf6ecc5b31936d2781e7de94182870d5dd257cb820c66
d5f2a41dc7e8b2b9d29f7729c006df16fad3289995bfae38d21bace6a9579ccf
d83f54da9832a6b5507c23e2d2b45016da72e2aec4c708c2643c0361fcd1e62e
d9c511e7db751c8df192ac6b86874dda928b8bd2d05dbca5c2a6ffc429aca7a6
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585
dbbb7494bf0caf3327361191177b923b59a607d825105ae7b0aab8379d558276
dbc4865442379cdd84ba896a93240a19ef25890dffce8d158dc879b5d53b3756
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd150c168c4a6f1da7c6c95e0c7f7a191351886c2fbee7233032b41a9cf11625
ddca090351b1fdb78ef5e40b35a471ec96b143711570738f27ff456704fd7a37
df71571f500ba2b4ed40627f344010642ba303445063820589524f0feb682b55
e0e63cfb1be23789d80e4c4cf60ddeb95685b0517e8e563ff04b0eead5bd6545
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94
e17075cf2f747253cb3c737891be0f417b8f4330ddab9d53013bdd4ebca568ee
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e267a8e0d465a58d329ff34ee49940aed28dcfe6eedc3bf6457e1e72d33371f1
e2804b522a25c65e8d2907c2611d13b44af7266525e8b3f291ca04d655bb7b63
e2c1a957b6b07aaee9d08176a52947c0636371d959c576f94c6ecda13e2adccc
e36ee281df71dbfa63b0b3e6ff1c3490b579725665cf7fa31bc9a1b97bb98e11
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad56da3141d980e5d753c2920270b98d8650051734ca3d453e5703f91201fb
e5333d4bcaf0ba8811fe10ae35f1bf54082d7f5a1b6fe8a25ff0f9aa5c2fd507
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3
eb4531f2ccc72805d99d81cc3e9e42e74ba8a55c3fde1a3a50e233d24f1eb232
ecf8f447213a059e4a8c6c42b871243a712559bc8941caeff6a9bdb4e9164e57
ed058cc6fce0e40508da4ed7df4c70ee5e0e8e774137fd4c1f69b2fc4d5b9c4e
eda367d52037063316fbf43a70f0123fb5ad5a0175375e7e4053102df9a27ee1
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f19c4163cd98382dc632e86424fc8321a4e1b2e0549406bd9d515c0226674e96
f1c67e7c40b66ef81095f85a73d651579bb15ba775b5b76f9e76a801b0d6f70a
f1f345f9cf08774fcc78f54403f790c1f9b8eae697da5958bb79e564cadc4c89
f22f5d3f0e493e7b7fef483ac8e6ca3e684b550d9edc1759d0ee0c823193a56a
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9
f8052a475f6987065464a04532383bf28305e2917a7f5297f8cd12cf7415fa03
f904c9c849bcc1d3d3a5996b8c947abf921a2877179c008d5afd1ba3b32a3b10
f9a4ea91cb3898eac37d38cbb0b15a9e347422b245e68008c8f29af3eec2e467
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fa4ae93330f3a0b8e253e34bc6d66018d996fb5d56ef0802e6def0d91fd035c0
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ultrasurfing.com Open in urlscan Pro 2606:4700:e0::ac40:6612 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

452 Requests

80 %HTTPS

42 %IPv6

64 Domains

128 Subdomains

105 IPs

12 Countries

9967 kBTransfer

20212 kBSize

34 Cookies

59 Outgoing links

Redirected requests

452 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ultrasurfing.com Open in urlscan Pro
2606:4700:e0::ac40:6612 Public Scan

Screenshot
Live screenshot

Full Image

452
Requests

80 %
HTTPS

42 %
IPv6

64
Domains

128
Subdomains

105
IPs

12
Countries

9967 kB
Transfer

20212 kB
Size

34
Cookies

452 HTTP transactions
5 data transactions