ultrasurfing.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ultrasurfing.com/
Effective URL:
https://ultrasurfing.com/
Submission: On April 10 via manual (April 10th 2024, 7:24:38 pm UTC) from US — Scanned from NL

Summary HTTP 414 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 65 IPs in 12 countries across 43 domains to perform 414 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 467756.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.

This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	152.199.21.70 152.199.21.70	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.32.75 108.138.32.75	16509 (AMAZON-02) (AMAZON-02)
20	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
3	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.245.31.9 18.245.31.9	16509 (AMAZON-02) (AMAZON-02)
14	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
4	23.36.232.182 23.36.232.182	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
4	13.33.173.196 13.33.173.196	16509 (AMAZON-02) (AMAZON-02)
1	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	54.155.27.174 54.155.27.174	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1780	41041 (VCLK-EU-SE) (VCLK-EU-SE)
73	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
18	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
61	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:24e... 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
25	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:911d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
12	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	222.230.178.146 222.230.178.146	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
3	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
9	185.239.172.170 185.239.172.170	55081 (24SHELLS) (24SHELLS)
4	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
5	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
6	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.241.182.12 34.241.182.12	16509 (AMAZON-02) (AMAZON-02)
1	138.197.53.255 138.197.53.255	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
4	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
6	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	35.156.202.1 35.156.202.1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	134.209.74.131 134.209.74.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
414	65

13 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ultrasurfing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 152.199.21.70 (United States)

ASN15133 (EDGECAST, US)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
keymap.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.32.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-75.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.232.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-232-182.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.173.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-173-196.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.155.27.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-27-174.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1780 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

video.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 222.230.178.146 (Chiyoda-ku, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.239.172.170 (Barking, United Kingdom)

ASN55081 (24SHELLS, US)

sghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.182.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-182-12.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.53.255 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebid.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.36.83.246 (Barbera Del Valles, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.149.91 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.202.1 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-202-1.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.74.131 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sync.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.245 (Barbera Del Valles, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1356 trc.taboola.com — Cisco Umbrella Rank: 1057 trc-events.taboola.com — Cisco Umbrella Rank: 2785 vidstat.taboola.com — Cisco Umbrella Rank: 4190 am-trc-events.taboola.com — Cisco Umbrella Rank: 11015 images.taboola.com — Cisco Umbrella Rank: 2069 videos.taboola.com — Cisco Umbrella Rank: 7813 imprammp.taboola.com — Cisco Umbrella Rank: 11390 am-match.taboola.com — Cisco Umbrella Rank: 14704 wf.taboola.com — Cisco Umbrella Rank: 4284 am-vid-events.taboola.com — Cisco Umbrella Rank: 11494 vidstatb.taboola.com — Cisco Umbrella Rank: 9328 pips.taboola.com — Cisco Umbrella Rank: 2158 cds.taboola.com — Cisco Umbrella Rank: 2552	3 MB
82	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 142 4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 200 a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com 12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com 3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com 7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com 014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com	795 KB
51	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 21548 e3.adpushup.com — Cisco Umbrella Rank: 22758 keymap.adpushup.com — Cisco Umbrella Rank: 78676 video.adpushup.com — Cisco Umbrella Rank: 117006	1 MB
21	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 78971 sghb.aplhb.adipolo.com — Cisco Umbrella Rank: 67117	424 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 268 stats.g.doubleclick.net — Cisco Umbrella Rank: 195	1 MB
17	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 755 region1.analytics.google.com — Cisco Umbrella Rank: 2227 www.google.com — Cisco Umbrella Rank: 5	127 KB
16	criteo.com gum.criteo.com — Cisco Umbrella Rank: 646 bidder.criteo.com — Cisco Umbrella Rank: 873	3 KB
13	ultrasurfing.com ultrasurfing.com — Cisco Umbrella Rank: 467756	69 KB
10	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 905 aax.amazon-adsystem.com — Cisco Umbrella Rank: 462	86 KB
6	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 732	3 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1075	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 99 region1.google-analytics.com — Cisco Umbrella Rank: 1879	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	521 KB
5	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1460 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1502 sync.crwdcntrl.net — Cisco Umbrella Rank: 1493	25 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 919	125 KB
4	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 15756 a.vidoomy.com — Cisco Umbrella Rank: 3828 a-prebid.vidoomy.com — Cisco Umbrella Rank: 19449	2 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1598	106 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 644	2 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1337	826 B
3	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 10815	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 335	87 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 82271	8 KB
3	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 11327
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 966	512 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 820	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 1183	1 KB
2	cootlogix.com prebid.cootlogix.com — Cisco Umbrella Rank: 7134 sync.cootlogix.com — Cisco Umbrella Rank: 4231	675 B
2	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1344 pixel.rubiconproject.com — Cisco Umbrella Rank: 641	706 B
2	genieessp.com js.genieessp.com — Cisco Umbrella Rank: 36733	317 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 679	135 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 78	69 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2181 pixel.quantserve.com — Cisco Umbrella Rank: 1861	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 1217	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 43306	12 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1599	484 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 12402	345 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 365	1 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1103	368 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 412	17 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 7321	408 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3746	463 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 454	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2012	634 B
414	43

	Domain	Requested by
61	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ultrasurfing.com pagead2.googlesyndication.com imasdk.googleapis.com
50	images.taboola.com
25	video.adpushup.com	cdn.adpushup.com
20	e3.adpushup.com	ultrasurfing.com
18	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net jscdn.greeter.me imasdk.googleapis.com www.googletagservices.com
15	fundingchoicesmessages.google.com	cdn.adpushup.com securepubads.g.doubleclick.net
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
13	ultrasurfing.com	ultrasurfing.com
12	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
11	cdn.taboola.com	ultrasurfing.com cdn.taboola.com
10	gum.criteo.com	cdn.taboola.com static.criteo.net player.aplhb.adipolo.com
9	am-trc-events.taboola.com	cdn.taboola.com
9	sghb.aplhb.adipolo.com	player.aplhb.adipolo.com
6	id5-sync.com	player.aplhb.adipolo.com
6	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
6	onetag-sys.com	player.aplhb.adipolo.com
6	bidder.criteo.com	player.aplhb.adipolo.com
6	www.googletagmanager.com	ultrasurfing.com cdn.adpushup.com www.googletagmanager.com
5	cdn.adpushup.com	ultrasurfing.com cdn.adpushup.com
4	static.criteo.net	player.aplhb.adipolo.com static.criteo.net
4	trc.taboola.com	cdn.taboola.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	secure.cdn.fastclick.net	ultrasurfing.com secure.cdn.fastclick.net
4	c.amazon-adsystem.com	cdn.adpushup.com c.amazon-adsystem.com
3	x.bidswitch.net	3 redirects
3	lb.eu-1-id5-sync.com	player.aplhb.adipolo.com
3	player.adtelligent.com	player.aplhb.adipolo.com
3	www.googletagservices.com	jscdn.greeter.me
3	jscdn.greeter.me	securepubads.g.doubleclick.net
3	http-intake.logs.datadoghq.com	cdn.adpushup.com
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	cdn.adpushup.com www.google-analytics.com ultrasurfing.com
2	rtb.openx.net	2 redirects
2	a.vidoomy.com
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	am-vid-events.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	videos.taboola.com
2	js.genieessp.com	securepubads.g.doubleclick.net
2	trc-events.taboola.com	cdn.taboola.com
2	imasdk.googleapis.com	cdn.adpushup.com imasdk.googleapis.com
2	www.youtube.com	cdn.adpushup.com www.youtube.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	tags.crwdcntrl.net	ultrasurfing.com
2	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	ultrasurfing.com
1	a-prebid.vidoomy.com
1	sync.cootlogix.com
1	cm.adform.net
1	pixel.rubiconproject.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	vidstatb.taboola.com
1	d.vidoomy.com	cdn.adpushup.com
1	ib.adnxs.com	cdn.adpushup.com
1	prebid.cootlogix.com	cdn.adpushup.com
1	ap.lijit.com	cdn.adpushup.com
1	prebid-server.rubiconproject.com	cdn.adpushup.com
1	014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.nl
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	cdn.jsdelivr.net	cdn.adpushup.com
1	pixel.quantserve.com	ultrasurfing.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	cdn.adpushup.com
1	keymap.adpushup.com	cdn.adpushup.com
414	82

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
chrome.google.com
ultrasurf.us
www.cio.com
popup.taboola.com
www.combatsiege.com
easyshoppeonline.com
2f7w2d.tclfplxhhh.com
click.coolfix.com
www.panzerrush.com
www.tipsenweetjes.nl
www.networkworld.com
isolatie-offertes.nl
redirect.trackerado.com
www.sandaya.nl
www.planethealth.nl
perfecttransport.nl
tr.bestgadgetdiscounts.com
dailyredirect.com
costabrava.org
consumenten.eu
searchtoday.org
www.planetlifestyle.nl
www.ourtime.nl

Subject Issuer	Validity	Valid
ultrasurfing.com GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
*.adpushup.com GeoTrust TLS RSA CA G1	`2023-08-11` - `2024-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google.nl GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-16` - `2025-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
1792641740.rsc.cdn77.org R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
greeter.me E1	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-16` - `2024-11-26`	a year	crt.sh
player.adtelligent.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
sghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.cootlogix.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-19` - `2024-11-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://ultrasurfing.com/
Frame ID: 03CDD185E1CC8CA7781C2DA43B26B85D
Requests: 256 HTTP requests in this frame

Frame: https://4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E202A41FBA64047D7E8AF4A8D4560ECE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C1850C7DEA35DB6A93B16014095B1F0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5BFDE4881FF9B7FCE9C9842C7E5D003C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu0g97zDylmVe1Ob5D8d03EjGLh_8NWM0IlQ-iRnx8gIHlNHW7AgxHnWL8wKmKty6h2hNC9dw-fWGVJNTuoN28g60BxErq25a3vasJbv2pGNxMS6Lvvps5sJtQ0ihPFNKEHdCmANEyoAIa3npI5Z6RuvuA_Eqw-T6hAlxRLnbl9iRiPPG1uUfrz6ayOt1Hptr7_dgEDvOS77iG9QUS2MpLgQp8M2-nQIZi4huH3GctUjr4N9cj3x2CcNJ_q0JJDVMYz_qB4HtrzreKCxbjKaHX-rd3s2k8-8G43qui9whb3FfzhZI_O0MB5zkjkxylFwajS3MwannXoEb9_rcZKzej7YhygmWBn7MuMniZvx97lYTTMjKLr7I54-MtChUzG-Fs9&sig=Cg0ArKJSzH34ShywBrqEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6FD19D54C270AA05FF80DE9B098ED1D8
Requests: 32 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.633.0_en.html
Frame ID: FF2A9602DF03329F9C9F1C1AA7D4EDA1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DF1B66DC56BEFDB1A2C6DA1ED34BE837
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvw-u8u532zxbEIVdE9ZuFSb8srLFAIZkBUZt4k0f4ZtXBfrX2pBgNHqqhnTEZ2MU81QOqsB2N7VLi_VUAvb2_la2RRASQCUvvJkh_lXe_rXJg9bB8wC8GQwM8UvRpLTKlw9D5MbBuuJdbwnU9iIP6jVaZWW3ESvGBYV3FI_12sOwNtc6IDIm2zn7ARm7-Ncf09tkvLhjur4D2y1SulPfLZ09AuRLViD5afwntsST_Jd4322dR2BJkSzlNVjW_oRG6k0uEnyGqkDZRleJ1TzYntaLC3yreXWvp3Ui_d_PZobDIYaOe4wR-ontMMSOLBO2mfqHjnJWhMy-hgjKibeOgn7Y4fiPLz3VH0pz6t8HHy6bVtg75e0LdelyjxVCgSfEn8&sig=Cg0ArKJSzCOHJdzk9gk6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A94BA0237FE8870D8D89A4683B0D0F06
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstieXeDihLev9jAwZEseXUhHlkFixjt2Ft_luKoIPXhCDrmGuU86KMOaTJdTeXTQTdkhTR5iZxwBwRgBqPwYv1WrbxOJW0gPoBUSBObCbPshMfGDB-Aj-lXkIYyr3lRC8xKbvZoy8meW31KF8QBrGFujVaw-tyHNP265AHAO48PD6VokCFXJC7_-olFelPtY94llxlA59-TB2wLUMdBph-7wQmtq4YqTBIMnI7-Y3V0fxROQe2uRXuwa6nd3NdH8oVFAQJ3hdcO35X62F7U5WhpuzpT2E6j1kagRczxf9QJBhx0Uk9-9oZDjxdJpsYfDJmLrZoGDr-gB1hn2F-MpdnOKQlhDgTdnPYQlTCPRe-lAMe76b3I6C1jI6Q7EIBoNuci&sig=Cg0ArKJSzDM7XsfivBvnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CD82913D00C67C2E6530FF3BAA7B447A
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst-nB8dbOwIE26h0RGWk37gXMpQD8Zff8141dgRTn5SVTd484fL32GSjPa-_Tn-0jgAYHGIbsDBm7vIG9BbuU5u0wGxWS7vg_Sqa7lTtzqdPm6bsgDYHOljjgIHSqa1YHTD1I0CB-sVbFfdzuz1gJZn45ffl-cJ5cA5evYauSrwhSM0Zwrfpu7i7hLvVh_8JnvjjKoLflMo0OOSai5FS8V7CokUrcl1RVJ0fi2ARv5Qgqy0_mVqUz3IUQ1v14z1ZJPM6kZGPtmyxkuVcqheFf4DT5vadDiL8chNEXUCCRGx60_IRLrDRM0DdtMzLEMpRCgl5J_YP73xx2JBDOfym6r7qsiDgS69QhqT3mdf_ewnoW49yhIGpJctTElIZVLB9vjV&sig=Cg0ArKJSzMpJJWyq-OiuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 134BED8DAD5AD6016274C95D055AC9EF
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu91vYlPKiwDm9i8iALXZzSzQo0v8HEM8Lb1BeUByXhoLhjh_VSPgOnl7qn8qbqy6r0hwkRw6NHGWwJ0qsh6_5WkOOSjwVmBOtdV4UUvMVAPSHJpflR6ldxti0LIIVhqvTb_of2BHXfzSeEJPKnqiApQm0RJ9MzA1XZ-am8HO5wlPI0ftigFBRgNGIt5qeR688Jpv_JTGBZvJdfRGf2I03mtiaCGJRJCtPXbgL-oS7vsBvaHTD555miQKI21GPlu1hHLo6OK-7uNC7AmApBxT_w_rosuEre_OnmICBwMomBnovteM7qDwU225lJ9Z-5LzwNXUMEqf6S62REW3dbmQ3XtYHbCidAPsFYAm-rxqYpfntfx7PYhH7Zp3AvZsaHFLWQ&sig=Cg0ArKJSzMyXzIQdYmZ1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 229699E88120D837359CD3FC93D5679E
Requests: 8 HTTP requests in this frame

Frame: https://a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7A7D7BD7390A1052D50D80F7A2DD77FB
Requests: 1 HTTP requests in this frame

Frame: https://12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1ACBBF3AA143C94328E5CFBDA555DF77
Requests: 1 HTTP requests in this frame

Frame: https://e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6F753DCB7EA67753A847DAE2FBB47649
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EF2B6195927B4FAF74BFC65912C6B34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssMJ2-4yN-EqXarrMf6bdXwoLeTNI6C_Xfv6p0N9wWIdf442Vl77T9keUge__5fxhNoVSx8YqCt2T1FnDWBUJCY_g6InGH9yc19LDOB31hC0moPutdhHdkMGaE-S-EIBOJMsa0Xr45pEH1-WXkq3OfnZfoe0fXyIZIebrRKYAIFMXcr5YAktDG6urX2fchH91rmYtUX4k_-zbuZ3eo98LnGBCFKrjQP3bTsKIZb9NgFnnpApn0Lm6TPxyVLDOo0p7ROESEQigd7O5ykQ1O8IdkC7MML9X85EKPW2KNmM_qLeH1KrskqhmHEaYTPplq4l9_if_LzXWEawkF162qiM49eFoOfykWTENRrOuFUygHJ6TzSgUFCEtTe5Jm6SgrbkYuJ2_4o1moqDl6zLYGysF3E9cPrHZ6ynw9n&sig=Cg0ArKJSzEt8JSz5GxatEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 2832120FCDCD2A13A2056780B235BD7D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A3200512A70CE0B8AA12ACB8DEBD0517
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A958947A19ACCE4957E04C77B43F3A9
Requests: 1 HTTP requests in this frame

Frame: https://3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: F97983108E939186801A1482051B44CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsul9nqJUOcapQg-UFok8nliTYFeHnTg5vDCwU5XK1dfnKtP6fmekqgSqHBRFQpmAecihcl7KCYDRV007BQc3wHTICGkj_niCUbh6_bYidVtuyrurCZ0ID5cGUiy3NFb2o6-4EHeUA25Fr94tQM9_skLo1UfseXBb8SLkZxSs1I8P9TePdeuw3YGjw-9XK_FAb6ZiR3ldt2M1OM5bdR0t8oF_PAi6q2h5IY2U6S27ujeGKmkfwgVjWlaPti2x2VeJVw0zMrOLVqJ2qmB8AYnBOjodBx3r2YG9Ed0ScRGWNNGpIQBDL2XJ1zbDbs9xWTyYOzhOorLzCPPCOr0IPBvoMT3FgSdWopCTPtQbUJtLKoyegvE3K4ot5MEtTPp1aM9REaN5_v1eyMIZC3enthy0cHj8uZL1wBpHFf7&sig=Cg0ArKJSzKu47-As9KWmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 54DF6BB9B7FE4640FDF11239713DDE9D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstkTSKoP-mcPYGT7sxkBDeEUz-hFqV20Pv1N9asvPrIc8Tn_L9bKRsK_KEiWz-ffmrOY-s28zpSw1FLkxEKj9RF3nGW371pG4HeFqN_y5DC89a48yRq8v4USB9xHEuNITEjxrX63d6y5UWYCnPXSRCLXhC09_cjLAuBjVfjnbiDSfZ4D_6qom7Yp4QlpQgFRMNo-AQ0VhguD0YaPWZUWA97UF8fq3B0SzcBRASJkZDGo6C6Cp2iY83RRJPT8AJ7HN1MKrkwFefMUqqNFEtYzpw6NmQx289jv9kZKNJKAKaTJvkW6uVdoLFRGi3CppuQf8bfBAeKOIV9Kz9bNXXyMEDP9QMoIUU_qx0qCasfHdqmcx0exxK_Q6L3t0DI6MT-q6ouYFlRrRCs9hj9WFSHCE0VZYr2INrlWe6d&sig=Cg0ArKJSzMszhtuNgZdwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F4AAE1A5634A9B708AA4A3527316CCFE
Requests: 13 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&cmcv=&pix=undefined&cb=1712777073878&uv=3392&tms=1712777073878&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!pl159704-872_vB!rbcatc_vA!smbs!tmaxc_vB!ufm_vD!ul159704-912_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=729ad43b-5e81-4c00-bc5a-0ecc5702ac8d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 1A4CB7714712B89A4F95ABDACBB63EA8
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 88E08921F4AA432A54EA38CE65C95698
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10557FBDC3A470B477127D9F0AD016C3
Requests: 1 HTTP requests in this frame

Frame: https://7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 7F6CED433858DCBA055829C41B92A737
Requests: 1 HTTP requests in this frame

Frame: https://014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 8E70186E18478BCF00332127A81EFBD5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D6EDED9B5F4DB5E6815980654AA258C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F4EF5F02BD2C9FB447D8190AE66A90D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com
Frame ID: C26E569312444AC530E1C6F4F4C8E890
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com
Frame ID: F880507C00DFF67173FFD392CF189BA9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com
Frame ID: 674F018F3CBBB7F61CD592AD391FB7AF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712777073344
Frame ID: 910767416BF2A13B922535609DADA209
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712777073501
Frame ID: 88C199FEE502C397A6DABAF831D00D71
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712777073513
Frame ID: E08657D03D6549062C2F2F72825A1E27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ultrasurfing.com/

Page URL History Show full URLs

http://ultrasurfing.com/ HTTP 307
https://ultrasurfing.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

414
Requests

96 %
HTTPS

32 %
IPv6

43
Domains

82
Subdomains

65
IPs

12
Countries

8642 kB
Transfer

21108 kB
Size

38
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/ultrasurf-vpn/id1563051300
Title: Ultrasurf iOS VPN

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.ultrasurf.mobile.ultrasurf
Title: Ultrasurf Android VPN

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/ultrasurf-security-privac/mjnbclmflcpookeapghfhapeffmpodij
Title: Ultrasurf Chrome Extenstion

Search URL Search Domain Scan URL

URL: https://ultrasurf.us/download/usf.exe
Title: Ultrasurf Windows Client

Search URL Search Domain Scan URL

URL: https://www.cio.com/article/1246992/6-most-underhyped-technologies-in-it-plus-one-thats-not-dead-yet.html
Title: CIO

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.combatsiege.com/
Title: Combat Siege

Search URL Search Domain Scan URL

URL: https://easyshoppeonline.com/search/top5/
Title: Easyshop | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://2f7w2d.tclfplxhhh.com/
Title: Badkamer verbouwing

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://click.coolfix.com/32d15bc0-5c35-4239-adbd-f059c6ba59b8
Title: HearClear Pro

Search URL Search Domain Scan URL

URL: https://www.panzerrush.com/
Title: PanzerRush

Search URL Search Domain Scan URL

URL: https://www.tipsenweetjes.nl/huis-en-tuin/altijd-buurkatten-tuin-geheel-kattenvriendelijke-trucje-gebeurt-meer/
Title: TipsenWeetjes

Search URL Search Domain Scan URL

URL: https://www.networkworld.com/article/2074605/edgeconnect-sd-wan-with-swg-building-a-sase-foundation.html
Title: NWW | Aruba

Search URL Search Domain Scan URL

URL: https://isolatie-offertes.nl/experts-premie-isolatie
Title: Isolatie Experts

Search URL Search Domain Scan URL

URL: https://redirect.trackerado.com/cf/r/65c609330379ed00165e6957
Title: Mitsubishi Outlander

Search URL Search Domain Scan URL

URL: https://www.sandaya.nl/sandamag/de-7-mooiste-meren-van-frankrijk-om-vanaf-uw-camping-te-leren-kennen
Title: Sandaya

Search URL Search Domain Scan URL

URL: https://www.planethealth.nl/kind-gezondheid/voorf-of-achterlopen-bestaat-niet/
Title: Planet Health

Search URL Search Domain Scan URL

URL: https://perfecttransport.nl/verhuizen/
Title: Perfect Transport

Search URL Search Domain Scan URL

URL: https://redirect.trackerado.com/cf/r/65c6070604ee570017f5c13c
Title: Mobility Scooters

Search URL Search Domain Scan URL

URL: https://tr.bestgadgetdiscounts.com/
Title: Best Gadget Discounts

Search URL Search Domain Scan URL

URL: https://www.cio.com/article/1309307/by-enabling-ask-and-expert-capabilities-generative-ai-like-microsoft-copilot-will-transform-manufacturing.html
Title: CIO | Avanade

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Thumbnails%20|%20Card%2013:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://dailyredirect.com/
Title: Traplift voor senioren | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://costabrava.org/nl/
Title: Costabrava.org

Search URL Search Domain Scan URL

URL: https://consumenten.eu/advies/
Title: Consumenten.eu

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbnails-1x3:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://searchtoday.org/promo.php
Title: Zakelijke e-mail | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://www.planetlifestyle.nl/slim-wonen/dynamische-energiecontracten-2/
Title: Planet Lifestyle

Search URL Search Domain Scan URL

URL: https://www.ourtime.nl/
Title: Ourtime - Senior Dating

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ultrasurfing.com/ HTTP 307
https://ultrasurfing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 422

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553

Request Chain 423

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=1b50678d-c40d-4eaf-b695-5d51cce461ef&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_0f83616a-cf87-47ec-82b9-cc5bf7842d9b&bsw_param=1b50678d-c40d-4eaf-b695-5d51cce461ef&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b50678d-c40d-4eaf-b695-5d51cce461ef

Request Chain 427

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=8374e659-a3fb-49d2-bb9e-f787fbbfc719

414 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ultrasurfing.com/
Redirect Chain

http://ultrasurfing.com/
https://ultrasurfing.com/

11 KB
4 KB

359ms
316ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0a271e9bf20beeb1bf186cdac85aa48670a6b3aa7aacc532ebe8d8508460c81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87251e1859e39715-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 10 Apr 2024 19:24:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jiTjO5x9pyFtQkyXXOGcPwX6c%2FCJkzhDz82Z7VX%2BkzCevNq%2FzdTU88bxhNSrBpMwPsWW06AQB0hwBBhnBHqen79kOzx2F6VEfx2nvS2dK3ovTCbPtNxSSeONIWkHOJ2SDPK4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://ultrasurfing.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 reset.css
ultrasurfing.com/css/ 773 B
881 B 24ms
23ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/css/reset.css
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
age: 2258
cf-polished: origSize=1050
etag: W/"5f9a61f5-41a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKjZI7jSfhzC%2By%2F0tK%2B8wT2XjPb8MnI7RLYFkLVZYy7a%2Fe1YX2t9L8ohRb2O1dk9XgIGDV1ge7hB3ZpMaqzvIw%2FZa%2BMMJ6TU8LAmstaT0A6YG6KL0v8M6ILcB2MTcHnAbKFa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 87251e1a5d209715-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 style1.css
ultrasurfing.com/css/ 11 KB
4 KB 25ms
24ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/css/style1.css
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 08 Apr 2023 04:57:00 GMT
server: cloudflare
age: 2258
cf-polished: origSize=19154
etag: W/"6430f41c-4ad2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IH1MPzzKll%2BOKS8ZFnZoUQ%2F9s7TgVS%2BbgjLkI1favt470ly9kuuxFXw1kum2rQEQvKQCTrTGvQYqE9tJz5QV4snRvQNjA3wnsZFlwfWm8%2BcZm%2BYyarCOjeU6wDLWAQlROk8F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 87251e1a5d239715-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 d4d74586_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 25ms
25ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/d4d74586_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0133ac01339f59dcef43c847003e8450c3530c49e141e3cebb0544832e0bd097

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258
alt-svc: h3=":443"; ma=86400
content-length: 7379
cf-bgj: h2pri
last-modified: Wed, 10 Apr 2024 18:45:05 GMT
server: cloudflare
etag: "6616de31-1cd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FUatHU3%2FmGTtjXYBx0AN8m%2Feeok%2BEz%2FKpNCDm%2FRIdU061AqxO5IaXlDMXL98OAgvfZ%2FJ1%2FVDAAIqjdN1%2BWVtl%2B8yZpFkrh2PFh6IKFmojnKEw0s6H4Lh%2FXo9WLRU3kc8%2Fihy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a5d249715-AMS
expires: Thu, 10 Apr 2025 18:46:54 GMT

GET
H3 200 /
ultrasurfing.com/ 11 KB
11 KB 161ms
160ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WCfvDnB3m%2F%2Fft4OwBKWzlpHEC7rlW9aWGphpyNae6jxBGUEZEM7Kpeo2JkKSu%2BZbnrMrP07a46xRwp364lkZdXO9ACM6dLqyKwc5Td7p2o%2FdNZP8LcMdj7KMCZF7hCcQFFl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 87251e1a5d259715-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 287a673c_photo0_190.jpg
ultrasurfing.com/images/ 10 KB
11 KB 307ms
307ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/287a673c_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc16ec384cc392785a2eb03ac9b8ff457ea4d589961b9a88cda45ac4ef33e543

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
cf-cache-status: MISS
last-modified: Wed, 10 Apr 2024 19:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6616e755-2820"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCuKo4t1KoFvHDAa4XALZPR60Ns5T0wW%2BI7n4hdsfT6JjBr%2BZeWAsU0Zj6%2Fc%2BAU4KJUn5iOQokRFfqqU1Buy6sI2ihIp7j0BAPL4jp9MiKrX1O8G4S7B0hkfNmwdJ%2B%2BxX8QK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a7d739715-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10272
expires: Thu, 10 Apr 2025 19:24:33 GMT

GET
H3 200 6b22dd83_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
6 KB 312ms
311ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/6b22dd83_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b01d04ecd320d6efc6d93eec4f3e7b9f58a73a9cbd6a990a970d50957284e5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
cf-cache-status: MISS
last-modified: Wed, 10 Apr 2024 19:24:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6616e754-1635"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTtAVP%2B5%2BjV1W7XlvmquYeFQxeroplkmvShSPYt8OqWkeSmNDPV6vcjmH9IZo8iBG%2BlPSApM8BJOajGU%2FZP7j%2F%2BkJYi0W3RCOz5yHn02d50j6Zh%2FNvWpFdfR3Eaw5ZXd677n"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a7d769715-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5685
expires: Thu, 10 Apr 2025 19:24:33 GMT

GET
H3 200 3b347e6c_photo0_190.jpg
ultrasurfing.com/images/ 10 KB
10 KB 26ms
25ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/3b347e6c_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d2c1d5d19c228d686bd7128079f51d080baa0666ab1d97d7869e9f9bba176e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258
alt-svc: h3=":443"; ma=86400
content-length: 10155
cf-bgj: h2pri
last-modified: Wed, 10 Apr 2024 18:45:04 GMT
server: cloudflare
etag: "6616de30-27ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3LxUyRe2zFPK1E81EoW7lpJPzaDGx%2B8TT6N4aGo%2FM9kDzEqxRPb1WHTZdYoSSyi6mWM5%2Fd%2B4sB7vE7Q8EOrPeOCNvywDr%2BIXg%2BBT2ZLd7s3XKmOcEBYhLSkFEguhKw46iYH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a7d799715-AMS
expires: Thu, 10 Apr 2025 18:46:55 GMT

GET
H3 200 rocket-loader.min.js Show response
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 18ms
17ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2024 10:34:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660d30bb-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yd5Ofv1YqJSDyvRn3sehvv3yKqDTFa8KYCxpOHm%2FlE85PovIXFhE3PW5RJHBNYvDFp7Aug17pP9GJzJO7a8dgIGID8pH1flXViXmoZpDD%2BI7WR%2Fj75RBFw5Ye8XQJ852M3Dj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 87251e1a7d7a9715-AMS
expires: Fri, 12 Apr 2024 19:24:31 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/45157/ 744 KB
155 KB 85ms
16ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/45157/adpushup.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BC) /
Resource Hash: 2a947ec9647a5fe16feb48012637f3e9e4e3d6a69bd5b232712ebe14839c9764

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: br
age: 23048
x-cache: HIT
x-client-device: desktop
content-length: 158558
x-ap-device: DESKTOP
last-modified: Wed, 10 Apr 2024 12:00:38 GMT
server: ECAcc (ama/48BC)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: NL
accept-ranges: bytes
expires: Wed, 10 Apr 2024 20:24:31 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/45411/ 41 KB
12 KB 83ms
14ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/45411/adRecover.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48EC) /
Resource Hash: 7975737dcab3e98655844dc1338ece0d9019246e668f0962f0b0577af1c597e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: br
age: 1501941
x-cache: HIT
x-client-device: desktop
content-length: 11748
x-ap-device: DESKTOP
last-modified: Thu, 15 Feb 2024 07:57:34 GMT
server: ECAcc (ama/48EC)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: NL
accept-ranges: bytes
expires: Wed, 10 Apr 2024 20:24:31 GMT

GET
H3 200 bg_header.png
ultrasurfing.com/img/ 230 B
725 B 24ms
24ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/img/bg_header.png
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/css/style1.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2427968
alt-svc: h3=":443"; ma=86400
content-length: 230
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
etag: "5f9a61f5-e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eorq6bUYtyzEJVane2TlpbGk44WFmP%2Fvw4%2FOkQNTJv%2FJtUwchVSeqQu%2BtrUNJS0i9ZDDpjX4rXFZxDoEYdoxxO5Rf9%2FvCJgtsDq%2FFU0XXKkbfkdUCGjkCLdSas8ikHhnGaZs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a7d7b9715-AMS
expires: Thu, 13 Mar 2025 16:58:25 GMT

GET
H3 200 logo-new.png
ultrasurfing.com/img/ 7 KB
8 KB 33ms
33ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/img/logo-new.png
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/css/style1.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2419019
alt-svc: h3=":443"; ma=86400
content-length: 7316
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
etag: "5f9a61f5-1c94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rfytc2DcBIhdXrMVFAfWuz2TkWZ%2FTTj%2B5I8PF%2FjVopRJiewfg95YnAbEFijlhMz%2F7ovMPeRUzbp0axpLZZGlXfxc6AvZaHPkRdfIA2eD4o7pOgp2eqWoyi8KTGVTZpzH0TK%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a7d7c9715-AMS
expires: Thu, 13 Mar 2025 19:27:34 GMT

GET
H3 200 bg_nav.png
ultrasurfing.com/img/ 175 B
660 B 308ms
308ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/img/bg_nav.png
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/css/style1.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
cf-cache-status: MISS
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f9a61f5-af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNq1fk7Wy1boLd9rzMCjwLx9sUidunilvKXxae5bRiXtEX4x9tT3dlTCOeUkpeSAhXLzG%2FuLCM16U5wrh6mA50x%2FEoF4UejFtMds0YkL%2BEzkdmZWr0Di4HjgdhO2YG%2FHUEYT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 87251e1a7d7e9715-AMS
alt-svc: h3=":443"; ma=86400
content-length: 175
expires: Thu, 10 Apr 2025 19:24:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
92 KB 87ms
39ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82b926c1f9c54bf92d5669b3414d1ac9c014ab288a36fffa1b4c5dda90fcb252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 19:24:31 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
30 KB 144ms
44ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/45411/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2468645
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-mad2200098-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712777072.961873,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3592, 2340

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 97ms
45ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5234690
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mad2200098-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712777072.961873,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 5, 100592

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
794 B 14ms
14ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1712777072005
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B6) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 19:24:32 GMT
date: Wed, 10 Apr 2024 19:24:32 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (ama/48B6)
age: 1528116
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: NL

GET
H2 200 pb.45157.1709907060881.js Show response
cdn.adpushup.com/prebid/ 424 KB
124 KB 18ms
17ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.45157.1709907060881.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4891) /
Resource Hash: 3115bbc6f22888131b06d9d6b848351a12e5379bae4abdbee9e9cea1e99c823b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
age: 1411394
x-cache: HIT
x-client-device: desktop
content-length: 126788
last-modified: Fri, 08 Mar 2024 14:08:01 GMT
server: ECAcc (ama/4891)
etag: W/"65eb1bc1-6a1e6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 19:24:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
98 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9c865e712ce40152db97bb5d9004b21d6c51783ffb3daa73d632f4622027e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
47 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=269851682

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8194879389d71ea1e04b4230670039702b9eb79e7296f21d0a0d6fc6a8eadd19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47895
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Apr 2024 17:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5784
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Apr 2024 19:48:08 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
309 B 37ms
37ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CB) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
age: 1528126
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (ama/48CB)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 19:24:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 130ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e57d8e0364ad79bfbb6a6be04daffce50e1d3da92b7ab3427b97952b36ab7d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29410
x-xss-protection: 0
server: cafe
etag: 785 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 96ms
29ms Script
application/javascript 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:30:05 GMT
content-encoding: gzip
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 15:38:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 3268
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: u7xwBk55-1mCwQh556x7IAEpWpvkHEKDF7uHH-XP5KGj8iPSZc6XZA==

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
320 B 65ms
17ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIwNDgsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJOTCJ9&c_b=688.7000007629395
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
368 B 64ms
16ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 bdd707d79f4045e4080e4195f319dc6698bf9666.json Show response
keymap.adpushup.com/urlutmmapping/45157/UrlMapping/ 60 B
314 B 438ms
427ms Fetch
application/json 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://keymap.adpushup.com/urlutmmapping/45157/UrlMapping/bdd707d79f4045e4080e4195f319dc6698bf9666.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ce43d2dd0428e227f36dd0c5eb187a1e20698c13a3812304980a0415838de739

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 19:24:31 GMT
expires: Thu, 10 Apr 2025 19:24:32 GMT
last-modified: Wed, 10 Apr 2024 06:12:42 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC59253B25B88A
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 83e443a5-b01e-002c-057c-8b3b86000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
x-client-device: desktop
content-length: 60
x-client-geo: NL

GET
BLOB 200
OK a497df8d-106b-4cac-bd0a-32e5a1e7d79c
https://ultrasurfing.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/a497df8d-106b-4cac-bd0a-32e5a1e7d79c
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e6d855d89cfc80c526ade8965f6b37d8821324cd9998da9daf654ec8253ce1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1890
Content-Type: application/javascript

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 180 KB
60 KB 122ms
64ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd0fed3d349fbafb1f9ba565a67a860dee8e268e599880333055b63eba004a51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EFVgRsXziZ5Fele8x9H0yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EFVgRsXziZ5Fele8x9H0yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAtxc3w4d3sDm8CO788DAGCdNkk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 75ms
22ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:24:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
98 KB 40ms
40ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=269851682

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4f008f81b1ca4fcaf0d41fe92f90e6ba8312a1f55b5573b1d1a57a6130802227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 19:24:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 46ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je4480v886690812za200&_p=1712777072049&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1577691297.1712777072&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712777072&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=script-loaded&_fv=1&_nsi=1&_ss=1&_ee=1&epn.siteid=45157&tfd=777
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 27ms
27ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1486556771&t=event&ni=1&_s=1&dl=https%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=800x600&vp=1600x1200&je=0&ec=user-interaction&ea=script-loaded&el=45157&_u=IADAAEABAAAAACAAI~&jid=112405973&gjid=1506092559&cid=1577691297.1712777072&tid=269851682&_gid=989833857.1712777072&_r=1&_slc=1&z=1747472259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 71ms
20ms Script
application/javascript 2600:9000:223c:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:38:42 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: OLV4ZrBc9JCFRG9BQkeaFqtNP89ISdY4e6pCgqPdOjkAlVe1WadLCw==

GET
H2 200 2e7e1587-d92f-46dd-8721-80b53eccb87e Show response
config.aps.amazon-adsystem.com/configs/ 563 B
832 B 70ms
20ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: c7b049c145ebb1fa294c4e99795b1f92876a8c589ad071c735a757cc689ee2ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:48:24 GMT
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 2168
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: GmZGTxwupb69y_AkT5XHhCObkwNszvRJhFqWzD04rfOdGJFgU-RBkA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 53ms
53ms XHR
application/json 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fultrasurfing.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: Server /
Resource Hash: c54b4f2646be8a0cd7aeb5db1c6d43ac798de663e034576ce6cf1195da1161dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:00:50 GMT
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 5022
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2424
x-amz-cf-id: HLglsNCYiKzUh6nTZyYeuhMIe-M6ZTVnzw4C1Q4QCEIugbYPcfU7Aw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 90ms
36ms XHR
application/javascript 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
date: Wed, 10 Apr 2024 07:06:50 GMT
x-amz-cf-pop: MUC50-P2
age: 44263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: aP-pVAmbuTFXXKJhk7Ly0uG9zHnpf6IC_4GCpZZcOW9dheXaSfDFTg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ 443 KB
139 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 11:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 11:04:37 GMT

POST
H3 204 AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 71ms
31ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.EEDv5liViQk.es5.O/am=wA/d=1/rs=AJlcJMznAgcgk0xJseAKB7Rg-qT8TqWA1w/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JDt1z-3KcydQuoqeim_XKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-JDt1z-3KcydQuoqeim_XKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1gDgFiIh-PDudsb2AQ-TNzfzggAywUMtQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yXrSMr6VucfbEdqfwVv0tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yXrSMr6VucfbEdqfwVv0tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1gDgFiIh-PDudsb2ARedKzvZAQAykkMlA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUQwIWgz9Cbxvbbwofj2Ni7ouef2dpfxgBb2vXnvEUeag9C70_qXyBtPFKQa6PEfWjsyRgXvLQIVSCd0Tf1TyeLakgWGM2HgJhblgN8LqUKo6mALw0kliqr2NNPJbCROF1zRS0JaQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUQwIWgz9Cbxvbbwofj2Ni7ouef2dpfxgBb2vXnvEUeag9C70_qXyBtPFKQa6PEfWjsyRgXvLQIVSCd0Tf1TyeLakgWGM2HgJhblgN8LqUKo6mALw0kliqr2NNPJbCROF1zRS0JaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyNzc3MDcyLDI0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsbnVsbCxbWzgsIkVFRHY1bGlWaVFrIl0sWzksIm5sIl0sWzE2LCJbMSwxLDFdIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjE0NV0sbnVsbCwwXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86deeae6d89048547f18a4f002aabbe2204473f0116bf4b222eed7108459d8c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Z6qjERoNJ5yNvYqd4pCnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-0Z6qjERoNJ5yNvYqd4pCnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcHw4d3sDm8CHUys7GAGUMjZK"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je4480v886690812za200&_p=1712777072049&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1577691297.1712777072&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Ag&_s=2&sid=1712777072&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=ap-page-view&_ee=1&epn.siteid=45157&_et=112&tfd=893
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1486556771&t=event&ni=1&_s=2&dl=https%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=800x600&vp=1600x1200&je=0&ec=user-interaction&ea=ap-page-view&el=45157&_u=KADAAEABAAAAACAAI~&jid=&gjid=&cid=1577691297.1712777072&tid=269851682&_gid=989833857.1712777072&z=2093111330

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 17:28:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6988
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 15ms
15ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIyNTMsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImIxMDcwOTEyLTljOTctNGQ3Yy05Mzk4LTg1ZWQ0NTU5MGYwOCIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0hPTUVfMVgxX2IxMDcwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiY3VzdG9tIiwibmV0d29ya0FkVW5pdElkIjpudWxsLCJzZXJ2aWNlcyI6WzFdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkhPTUUiLCJwYWdlVmFyaWF0aW9uSWQiOiI3NGU2MmI1YS01ODhkLTQ0MGMtYjc5Yy04ZGJmOWQ0M2YwZjYiLCJwYWdlVmFyaWF0aW9uTmFtZSI6ImludGVyc3RpdGlhbCBkZXNrIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJOTCJ9&c_b=893.5
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 15ms
15ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIyNTksInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjVkNDhjOWNiLTU3MzUtNDFhMi04ZDcwLTEyMGU2M2MxZjM3YiIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0hPTUVfNzI4WDkwXzVkNDhjIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDUxNTdfNzI4WDkwXzVkNDhjOWNiLTU3MzUtNDFhMi04ZDcwLTEyMGU2M2MxZjM3YiIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJIT01FIiwicGFnZVZhcmlhdGlvbklkIjoiNzRlNjJiNWEtNTg4ZC00NDBjLWI3OWMtOGRiZjlkNDNmMGY2IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJpbnRlcnN0aXRpYWwgZGVzayIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiTkwifQ%3D%3D&c_b=899.1000003814697
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 pixel;r=1595088777;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fultrasurfing.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1845487005-1712777072166;pbc=...
pixel.quantserve.com/ 35 B
455 B 36ms
22ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1595088777;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fultrasurfing.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1845487005-1712777072166;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=1;et=1712777072260;tzo=-120;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2Fcabcac75_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=22590912-b5f4-45fa-8ee4-de16ca6965ea;mdl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 78ms
24ms Script
application/javascript 23.36.232.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-182.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 10 Apr 2024 19:39:32 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 70ms
21ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 08:28:33 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 39360
x-amz-server-side-encryption: AES256
etag: W/"0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Z0dUuhg6s_vPvO_CU_YzHUXkCou3xoivnj3A2YXJMW2LkyjL6WuM8w==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 74ms
21ms Script
application/javascript 23.36.232.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-182.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Wed, 10 Apr 2024 19:39:32 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
320 B 16ms
16ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIyNTMsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkhPTUUiLCJwYWdlVmFyaWF0aW9uSWQiOiI3NGU2MmI1YS01ODhkLTQ0MGMtYjc5Yy04ZGJmOWQ0M2YwZjYiLCJwYWdlVmFyaWF0aW9uTmFtZSI6ImludGVyc3RpdGlhbCBkZXNrIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJOTCJ9&c_b=903.1000003814697
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H3 200 136431902 Show response
fundingchoicesmessages.google.com/i/ 180 KB
59 KB 61ms
61ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/136431902?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

bdea190def121b120d21d78727b0f1691bf0d5f62f25999a3ec79d3b7393fa9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-71D00ZAPtq3uk7bc4v_Yhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-71D00ZAPtq3uk7bc4v_Yhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcHw4d3sDm8CPBf_nMQIAkvg2kA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TtXX_p-PGfcisUTxztQ-NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TtXX_p-PGfcisUTxztQ-NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1gDgFiIh-PDudsb2AR-vD87gxEAzEcNNQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kaxFtXJ-WklTwbaLy8Z0tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kaxFtXJ-WklTwbaLy8Z0tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1gDgFiIh-PDudsb2ARubG-awQgAy34Mng"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 129ms
60ms XHR
text/javascript 13.33.173.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=j7uINEd0wGSIl&cb=0&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22STICKY_ADP_45157_728X90_5d48c9cb-5735-41a2-8d70-120e63c1f37b%22%2C%22s%22%3A%5B%22728x90%22%2C%22690x90%22%2C%22675x90%22%2C%22670x90%22%2C%22650x90%22%2C%22630x90%22%2C%22600x90%22%2C%22580x90%22%2C%22570x90%22%2C%22468x60%22%2C%22320x50%22%2C%22300x50%22%2C%22300x75%22%5D%2C%22sn%22%3A%22%2F103512698%2F23002230553%22%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-173-196.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nYzY18B81SwPEiaN1x4O70UhmvvcOdisbd_wgoNiEhNetnBnWBAhiQ==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 56ms
39ms XHR
application/json 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240410

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.45157.1709907060881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a58dd01dabadcaafbdf03f08043b4bfe1452f92df24965c67fc56bd9a2a2476f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12223
x-jsd-version: 1.0.2022
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 815
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21925-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-ozRvK9SDoPdf6X1xN9siiqrPQ78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2BsT50E1MhbWTLcMXiZ1xhU26kwHd3JS%2FX3RlX%2FuEkSHvDDM0TyDJtZXCM9rqV4LhLrCJlaZKFA1a7UY537b00M1mB%2BrlP4u8B108HhUMKrfGeBmkH7Vy%2BOiLmZXNtSnyis%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87251e1e2952b7ef-AMS

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 105ms
31ms XHR
application/json 54.155.27.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.27.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-27-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e76006fe2391b414b793aa4c56ea9f0525ce51876a549fb2c7978351a950fdfe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.20.2
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 30ms
30ms Script
application/javascript 23.36.232.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-182.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Wed, 10 Apr 2024 19:39:32 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
463 B 60ms
13ms XHR
application/json 2a02:fa8:8806:21::1780
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Wed, 10 Apr 2024 19:54:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
92 KB 39ms
39ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=269851682

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

37c9360bb0d931d51180c5770fe0b29d50cbca200d7cf981d6cc101e48af0f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 322 KB
51 KB 258ms
147ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4aa6d295b37a2386d156e763138b9741eb8d9b9703712d8a5329a6e57a43ccbb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Lg.ByquJvT_CbWEEqh.ZEBa7FXpmGUUy
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:32 GMT
x-amz-request-id: SCR009AANWJ4X9R6
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 51338
x-amz-id-2: VOWqQDAn+6h71EaHE7uQJED0K7f/KoMRoBK5M65+W5zOPfpSp0TKiE16IL84noJ4DCaliNKqhko=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:03:21 GMT
server: AmazonS3
x-timer: S1712777073.529488,VS0,VE95
etag: "5109bc1c1bcebdb282ed9cf0216bc47d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
94 KB 42ms
42ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f033f222eaeed2dc11f30085369a50520319ce43dce72ccf4b23ee2cbb91c2c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96568
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 apInstreamBundle.js Show response
cdn.adpushup.com/45157/ 2 MB
342 KB 14ms
14ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489F) /
Resource Hash: 4c11331fe6ae5e9eac5fa66d4ea614cb0f3c62b7d56b3bdc46ef8894f14b8486

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
age: 12852
x-cache: HIT
x-client-device: desktop
content-length: 349740
x-ap-device: DESKTOP
last-modified: Wed, 10 Apr 2024 15:05:09 GMT
server: ECAcc (ama/489F)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
x-ap-geo: NL
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:39:32 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 21ms
20ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIzODgsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjIxMDIzYTY1LThmMmUtNDU3MC1iOTk4LWUxMGE2YTk1OGNkOSIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzk3MFgyNTBfMjEwMjMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3Xzk3MFgyNTBfMjEwMjNhNjUtOGYyZS00NTcwLWI5OTgtZTEwYTZhOTU4Y2Q5Iiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1028.8000011444092
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 18ms
18ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIzOTAsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjFjZGQ2ZjgxLTZlNGUtNGI5Yi05ZDA2LWY0YjZjMjA2ODkzYiIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzE2MFg2MDBfMWNkZDYiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3XzE2MFg2MDBfMWNkZDZmODEtNmU0ZS00YjliLTlkMDYtZjRiNmMyMDY4OTNiIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1030.6000003814697
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 20ms
19ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIzOTEsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjcwOGZlMTM0LTg2YjctNGQwZi1iOGJkLWYyNTg3MTE5OGY0NyIsInNlY3Rpb25OYW1lIjoiQVBfSW5zdHJlYW1fVW5pdCIsInN0YXR1cyI6MSwibmV0d29yayI6ImN1c3RvbSIsIm5ldHdvcmtBZFVuaXRJZCI6bnVsbCwic2VydmljZXMiOlsyXSwiYWRVbml0VHlwZSI6MX1dLCJjb3VudHJ5IjoiTkwifQ%3D%3D&c_b=1031.5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 17ms
17ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIzOTMsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjQzM2FlOTE4LWUyNDEtNDM4Ni1hYzkzLWM4Y2IyOGQ5YWY3OSIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzMwMFgyNTBfNDMzYWUiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3XzMwMFgyNTBfNDMzYWU5MTgtZTI0MS00Mzg2LWFjOTMtYzhjYjI4ZDlhZjc5Iiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1033.1000003814697
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 19ms
18ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzIzOTQsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjU4OTA5ZjhhLTE5NDctNDA2Ny04Y2Y3LTRmZGU5OTc0YThiNiIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzMwMFg2MDBfNTg5MDkiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3XzMwMFg2MDBfNTg5MDlmOGEtMTk0Ny00MDY3LThjZjctNGZkZTk5NzRhOGI2Iiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1034.7000007629395
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je4480v872416883za200&_p=1712777072049&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577691297.1712777072&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712777072&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1053
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 75ms
23ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=1577691297.1712777072&gtm=45je4480v872416883za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 112ms
45ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=1577691297.1712777072&gtm=45je4480v872416883za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1907038225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
ultrasurfing.com/ 894 B
1 KB 27ms
27ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae0172585ae1755d6534a5d3e1ec6a7425ea5522ebd469f7d24870228a8f6c6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2432998
etag: W/"5f9a61f5-37e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUZvsX6eUMPUeqj95ljyUXOpRRfpBk5I3UjeIG7EkKy6yD29X6roK%2BS9bTMtxRs39RwZiWbK5VzNXa9Vh5oQ6uuKK1MSpVeWkYNfwRlZQyrvkacT3TjOLXmi9QpMjQYTaJ9E"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=31536000, public
cf-ray: 87251e1eac6c9715-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 13 Mar 2025 15:34:36 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 20ms
19ms Script
application/javascript 23.36.232.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-182.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Wed, 10 Apr 2024 19:39:32 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 400ms
400ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2916510004597606&correlator=453165591460440&eid=31079956%2C31081683%2C44780989&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fifs&iu_parts=103512698%3A21638617752%2C23002230553&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712777072466&lmt=1712777072&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1577691297.1712777072&ga_sid=1712777072&ga_hid=1486556771&ga_fc=true&dlt=1712777071723&idt=553&prev_scp=amznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26misc%3DoptiRef_v12_e_all_pv%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0_pv%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0_pv%26refresh27Split%3Drefresh_experiment_10_pv%26ap_refresh_type%3DAV_3%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26misc%3DoptiRef_v12_e_all&adks=2214359445&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7249e03f286780a5c5d80c40944d6ef54e265fb5bf0aa63395695bbbd9c67111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16589
x-xss-protection: 0
google-lineitem-id: 6497564589
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138462130307
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
64ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ce3007dc21d7005506780d41e15e967c606030af5e8cf4a0e06af55c5ff892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12244
x-xss-protection: 0

GET
H2 200 container.html
4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E202 0
0 123ms
52ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:32 GMT
expires: Thu, 10 Apr 2025 19:24:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 64ms
64ms XHR
text/javascript 13.33.173.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=j7uINEd0wGSIl&cb=1&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22ADP_45157_970x250_00000001-69025034-10c6-4dd1-a47d-b66a41329dc6%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22900x90%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22675x90%22%2C%22675x250%22%2C%22670x90%22%2C%22670x250%22%2C%22650x90%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22974135918%22%7D%2C%7B%22sd%22%3A%22ADP_45157_160x600_00000001-4c7f0320-d191-453e-9d27-0bff64c5b12e%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F103512698%2F22973422918%22%7D%2C%7B%22sd%22%3A%22ADP_45157_300x250_00000001-9cb97c77-ef5c-4694-898d-09b5ac8238e7%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22974135924%22%7D%2C%7B%22sd%22%3A%22ADP_45157_300x600_00000001-e033d2a3-e15f-45a2-a53b-63d1d65d2d25%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22300x600%22%2C%22250x250%22%2C%22240x400%22%2C%22200x200%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F103512698%2F22974135927%22%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-173-196.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eMkMcov-2kGAyA-K7VrdjFYhKlGwYzfbzcXF3BrzJYKg8zX_hSD4uQ==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 141ms
51ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df0a57738fc76a17236d3284bb8f925b53f3a1f0587820fa4126d4b6d8de6708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 apPlayerNewUi.css
cdn.adpushup.com/instream/ 71 KB
14 KB 21ms
21ms Stylesheet
text/css 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/instream/apPlayerNewUi.css
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48E0) /
Resource Hash: e9e05cd85d3088530453443f83b7258a668d25ca53d5555db0fab38ba6cb154c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: br
age: 1528100
x-cache: HIT
x-client-device: desktop
content-length: 14724
last-modified: Mon, 19 Jun 2023 10:49:40 GMT
server: ECAcc (ama/48E0)
etag: W/"649032c4-11b84"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 19:24:32 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 16ms
16ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzI1NTEsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEyNTMzMTQyLTZhNjAtNDZkNS04YWNhLWMzMDdmYjViYTgyYSIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV8xMjUzMyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDUxNTdfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzEyNTMzMTQyLTZhNjAtNDZkNS04YWNhLWMzMDdmYjViYTgyYSIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6Nn1dLCJjb3VudHJ5IjoiTkwifQ%3D%3D&c_b=1191.3000011444092
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:32 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 202 logs
http-intake.logs.datadoghq.com/api/v2/ 0
0 325ms
112ms Ping
application/json 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=450db60c9e5108400bd9a6539552f87a&ddsource=nodejs&service=instream
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 202 logs
http-intake.logs.datadoghq.com/api/v2/ 0
0 371ms
158ms Ping
application/json 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=450db60c9e5108400bd9a6539552f87a&ddsource=nodejs&service=instream
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 391 KB
135 KB 372ms
60ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87afb83349697405684a75a896da9ad767ec869aeb963534d8fb873b53e740d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137565
x-xss-protection: 0
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
23 KB 486ms
485ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2916510004597606&correlator=4031735236137884&eid=31079956%2C31081683%2C44780989&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fifs&iu_parts=103512698%3A21638617752%2C22974135918%2C22973422918%2C22974135924%2C22974135927&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C970x90%7C970x250%7C900x90%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C160x600%7C120x600%2C320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C300x600%7C250x250%7C240x400%7C200x200%7C160x600%7C120x600&fluid=height%2Cheight%2Cheight%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712777072625&lmt=1712777072&adxs=325%2C325%2C975%2C975&adys=105%2C370%2C370%2C620&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=970x-1%7C160x-1%7C300x-1%7C300x-1&msz=970x-1%7C160x-1%7C300x-1%7C300x-1&fws=4%2C4%2C4%2C4&ohw=970%2C160%2C300%2C300&ga_vid=1577691297.1712777072&ga_sid=1712777072&ga_hid=1486556771&ga_fc=true&dlt=1712777071723&idt=553&prev_scp=amznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7Camznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7Camznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7Camznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26ap_refresh_type%3DAV_1%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26misc%3DoptiRef_v12_e_all&adks=129182719%2C1309640580%2C2359505847%2C668383107&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9d42c1fa5fdf34c3db775c4651d5a0da397572c7f1e64cc40f55cb5fbd5a8a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23307
x-xss-protection: 0
google-lineitem-id: 6497564589,6497564589,6410568200,6410568200
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138461996517,138462682432,138454414465,138453562693
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 228 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac67c4c64459f243337fd1acd0f9f5884407755db33357382446eccff49080ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 450 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993b6c12ec96c3b5ed2b09656c8d6299c508bcbc43449a8540f0104f2473eeea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5910fa2b14f49be0ebad39542c1bf8405b12ceea073230cc788aa770cd673ad6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 975 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cb558b096de43381ea12cbb5835a8ad210205e0e189e65bc4343ec23de06fb6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b28c3181c149b11260684c4f1fab1f5e3c0e287313f09c2c8ca28aa9ae4ab9b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 362 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c61902f54255238f30b59f46a3687e46ccdd93a945b9f106a5f4dfdaccc623cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1017 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da50891ffc42d4c1579660f8495c39f0120342c869a96f7fa265333e131745d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hls.m3u8 Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/ 777 B
781 B 85ms
22ms XHR
application/vnd.apple.mpegurl 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls.m3u8
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 03ce435bac87341346aef1460f8f98b823448cb661c96c3f7a79d95c4567844b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 589355
x-accel-date: 1712187717
x-77-nzt: EgwB1GY4tAH3K/4IAAwBisclwQH3XE4GAA
x-accel-expires: @1712811241
x-77-age: 1002631
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: W/"6467d22e-309"
x-77-nzt-ray: 6d204d116fc3119770e71666a763e72a
vary: Accept-Encoding, Origin
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://ultrasurfing.com
x-robots-tag: : noindex, nofollow

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 182ms
104ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:32 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
355 B 59ms
59ms XHR
text/javascript 13.33.173.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=j7uINEd0wGSIl&cb=2&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22ADP_45157_responsivexresponsive_00000001-6a5c7608-12d2-4a14-8afd-f808dc94e1eb%22%2C%22s%22%3A%5B%22400x225%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F23007927310%22%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-173-196.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:31 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oprkbosIZSdZoKk4fZtskJVQY3rEpeQ0nQ21SbWV4WD4cLa5Qk0Hhg==

GET
BLOB 200
OK 396bb257-2d53-4229-a8a6-6958eb27975a
https://ultrasurfing.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/396bb257-2d53-4229-a8a6-6958eb27975a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6df16b9d1f923f1c810f639b4338f7f518909b3e7dd84a82590604b75e3f9933

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 5905
Content-Type: application/javascript

GET
BLOB 200
OK ca735bd8-530f-4c2e-9381-0f49d53f28ad
https://ultrasurfing.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/ca735bd8-530f-4c2e-9381-0f49d53f28ad
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188b58ed827289ceed86ef2e44454e6bd462de36c841f8a0b844a35b4e39fecc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 80503
Content-Type: application/javascript

GET
BLOB 200
OK 953c072d-761c-4dae-9fb8-38ea49ac21ce
https://ultrasurfing.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/953c072d-761c-4dae-9fb8-38ea49ac21ce
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188b58ed827289ceed86ef2e44454e6bd462de36c841f8a0b844a35b4e39fecc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 80503
Content-Type: application/javascript

GET
H2 200 main.m3u8 Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 2 KB
742 B 26ms
26ms XHR
application/vnd.apple.mpegurl 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main.m3u8
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3e7a618dda55b33b8432e5ef1e810cb836c72ec2674df22ee138c6e48275a834

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 589343
x-accel-date: 1712187729
x-77-nzt: EgwB1GY4tAH3H/4IAAwBJRPCLgH3TfYFAA
x-accel-expires: @1712833796
x-77-age: 980076
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: W/"6467d22e-92a"
x-77-nzt-ray: 6d204d116fc3119770e7166674945a2f
vary: Accept-Encoding, Origin
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://ultrasurfing.com
x-robots-tag: : noindex, nofollow

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 520 B
254 B 337ms
336ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2916510004597606&correlator=2498056672735597&eid=31079956%2C31081683%2C44780989&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fifs&iu_parts=103512698%3A21638617752%2C23007927310&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C400x225%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C200x200&fluid=height&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712777072792&lmt=1712777072&adxs=532&adys=370&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=400x-1&msz=400x-1&fws=4&ohw=400&ga_vid=1577691297.1712777072&ga_sid=1712777072&ga_hid=1486556771&ga_fc=true&dlt=1712777071723&idt=553&prev_scp=amznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D1%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_6%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26misc%3DoptiRef_v12_e_all%26url_key_mapping_0%3D05b931d3-cfd8-11ea-9450-6807152005bb&adks=3938599462&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ec34461ac4b673094c6d2a0e25b29afc51e7c7c80a381149f71fdd486a2dacf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20240408-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 892 KB
181 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f59c29dcbeedeedda1ac4140ffed3888cbaf7710e070b6347080f1580e7bc1b8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: UHP_WnKrH2NID9dYgSnyB3VFyxonzGYt
content-encoding: br
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:32 GMT
x-amz-request-id: EA8MK9TB1AJ31PE0
age: 8504
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185235
x-amz-id-2: gyyK8VgPWOsfbPaZF7qgrUh8WQN+P678Demxtzxm5a3pA9CGhHU6676n9oRpsJUfspdKujO3STg=
x-served-by: cache-mad22038-MAD
last-modified: Mon, 08 Apr 2024 09:00:24 GMT
server: AmazonS3-br
x-timer: S1712777073.840174,VS0,VE0
etag: "4fdfa51932225fae8b6736ed3ec6b057"
vary: Accept-Encoding
content-type: application/javascript
abp: 77
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 9

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79843e768129bc54db15739806c3d973e3d7b3e97c9ac58100c657d071f56fc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d0ea0c5b/www-widgetapi.vflset/ 216 KB
67 KB 19ms
19ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d0ea0c5b/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

240bec4f5eb6f06d9e04895bc0f3bae9f097cd6e97e0395dddeed14fe1ee4754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68432
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 04:16:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Apr 2025 18:38:19 GMT

GET
H2 200 main.m3u8 Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 2 KB
765 B 20ms
20ms XHR
application/vnd.apple.mpegurl 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main.m3u8
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8efd69904f94cc23cd40d0f66b4460f7db4941f5194ed468e580b297bd45a1d0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 584285
x-accel-date: 1712192787
x-77-nzt: EgwB1GY4tAH3XeoIAAwBJRPCLgH3NbQAAA
x-accel-expires: @1713183454
x-77-age: 630418
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: W/"6467d22f-977"
x-77-nzt-ray: 6d204d116fc3119770e7166629192a31
vary: Accept-Encoding, Origin
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://ultrasurfing.com
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00001.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 55 KB
56 KB 30ms
30ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00001.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d8438cb183dcb1f77f6587be9aec5c05703ba7b43d1e8aa0f495a7900a92b059

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 281615
x-accel-date: 1712495457
content-length: 56400
x-77-nzt: EgwB1GY4tAHXD0wEAAwBJRPCMQH3S3MKAA
x-accel-expires: @1712847382
x-77-age: 966490
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-dc50"
x-77-nzt-ray: 6d204d116fc3119770e71666fca25c31
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C18 0
0 98ms
30ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 5BFD 0
0 71ms
30ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SaAzPlqNV6MAKqbdENPk0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SaAzPlqNV6MAKqbdENPk0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:32 GMT
expires: Wed, 10 Apr 2024 19:24:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main_00001.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 41ms
40ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00001.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 72e6013277164f63654fc121b2cbe90bb6056c4fc6f778a439e23acbfd2cc512

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 283281
x-accel-date: 1712493791
content-length: 2623
x-77-nzt: EgwB1GY4tAHXkVIEAAwBnJIhHwH3n1EFAA
x-accel-expires: @1713182016
x-77-age: 631856
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a3f"
x-77-nzt-ray: 6d204d116fc3119770e716661a160c33
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6FD1 0
0 94ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu0g97zDylmVe1Ob5D8d03EjGLh_8NWM0IlQ-iRnx8gIHlNHW7AgxHnWL8wKmKty6h2hNC9dw-fWGVJNTuoN28g60BxErq25a3vasJbv2pGNxMS6Lvvps5sJtQ0ihPFNKEHdCmANEyoAIa3npI5Z6RuvuA_Eqw-T6hAlxRLnbl9iRiPPG1uUfrz6ayOt1Hptr7_dgEDvOS77iG9QUS2MpLgQp8M2-nQIZi4huH3GctUjr4N9cj3x2CcNJ_q0JJDVMYz_qB4HtrzreKCxbjKaHX-rd3s2k8-8G43qui9whb3FfzhZI_O0MB5zkjkxylFwajS3MwannXoEb9_rcZKzej7YhygmWBn7MuMniZvx97lYTTMjKLr7I54-MtChUzG-Fs9&sig=Cg0ArKJSzH34ShywBrqEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 6FD1 23 KB
9 KB 89ms
49ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H2 200 ultrasurfing.comadpushup.js Show response
jscdn.greeter.me/ Frame 6FD1 6 KB
3 KB 79ms
27ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fba4c9bf5769360be8ba763b0a155b92da4be6951844388b7d5eaab9822e9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx000006f407324a38eb068-00661693fb-e72359fb-fra1b
age: 1204
x-envoy-upstream-healthchecked-cluster
last-modified: Mon, 08 Apr 2024 10:56:23 GMT
server: cloudflare
etag: W/"4ebdd07aa735d3ba425e07d497b79ed0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 51d73c26-4e7c-47a9-825f-52ce5b5fb0a0
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 87251e21fe749fe4-AMS

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6FD1 214 KB
65 KB 59ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H2 200 main_00002.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 55 KB
55 KB 26ms
26ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00002.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8f53c90048508f2e96d6b662f67108e09151bf7915f23136e4abdaccdc044ab1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 117758
x-accel-date: 1712659314
content-length: 55836
x-77-nzt: EgwB1GY4tAHX/ssBAAwBnJIhJwH3ebQNAA
x-accel-expires: @1713692685
x-77-age: 1015927
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-da1c"
x-77-nzt-ray: 6d204d116fc3119770e7166629d2cf36
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00002.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 38ms
38ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00002.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e2618c8c103f14a7a5a25557d493d1a49232c36c1c660ac6719060683ecd64e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 273662
x-accel-date: 1712503410
content-length: 2584
x-77-nzt: EgwB1GY4tAHX/iwEAAwBnJIhJwH3DmYAAA
x-accel-expires: @1713514084
x-77-age: 299788
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a18"
x-77-nzt-ray: 6d204d116fc3119770e71666faa8e636
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00003.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 56 KB
56 KB 27ms
25ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00003.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d636a38c08819fa227d1550a4913222cbe831a630c3bbda636c3d9df616205ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 265293
x-accel-date: 1712511779
content-length: 57340
x-77-nzt: EgwB1GY4tAHXTQwEAAwBnJIhHwH3hU4AAA
x-accel-expires: @1713528478
x-77-age: 285394
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-dffc"
x-77-nzt-ray: 6d204d116fc3119770e71666eaf67439
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00003.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 35ms
34ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00003.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7e800289f4c239b49594fc0466a323afb2e2d7f3f4afa9368b34fc24b07968e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:32 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 261944
x-accel-date: 1712515128
content-length: 2597
x-77-nzt: EgwB1GY4tAHXOP8DAAwBisclxAH3nqcPAA
x-accel-expires: @1713551085
x-77-age: 1287894
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119770e716669d5b9b39
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 50ms
18ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 328141
expires: 60

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 66 KB
18 KB 444ms
436ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=21%3A24%3A32.973&lti=deflated&data=%7B%22id%22%3A623%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1712739798959%2C%22vi%22%3A1712777072971%2C%22cv%22%3A%2220240408-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A800%2C%22sh%22%3A600%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1519%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1420.125%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A1220%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 68fa752944569b7e4444f40382114e9eb979b964cfef6d680a0d02d381d4c220

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 384
date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
via: 1.1 varnish
x-datadome: protected
cpu: 0.9139583333333333
x-fastly-to-nlb-rtt: 28449
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-mad22038-MAD
x-log-content-encoding: gzip
server: nginx
x-timer: S1712777073.014559,VS0,VS0,VE384
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
247 B 57ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FD1 0
0 51ms
51ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6FD1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f478e799d2f730eb8ad32de112b72fc22e491e2b94b93bba217bab36db064921

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475771/ Frame 6FD1 2 KB
1010 B 82ms
12ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475771/hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd5786129d28964994b639cb3bab970479813fc5f60c6281ba6e55098477f5e6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-605"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6FD1 91 KB
29 KB 63ms
62ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

5c0ba0a60bf275e530d974c82dcb7f0be15de36f1751a3b285d67c31c80c0729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29414
x-xss-protection: 0
server: cafe
etag: 513 / 19823 / 31082601 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 wrapper_hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475771/ Frame 6FD1 2 KB
1 KB 83ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475771/wrapper_hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6188b07f531a65a0d53b693f742537d304069074e66c1b1aaca0cc34fb5edfe3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-9fc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6FD1 91 KB
29 KB 120ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02acae1578de9583e920026dfff878cfeae76a7b0dd65fe130be924e54ffdf0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29407
x-xss-protection: 0
server: cafe
etag: 224 / 19823 / 31082600 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 548 B
204 B 93ms
52ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fultrasurfing.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1c261ab4dace4aed640d9bebbbc65d51c96c0d088c698af3d881317e0287e765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179
x-xss-protection: 0
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 2e7e1587-d92f-46dd-8721-80b53eccb87e Show response
config.aps.amazon-adsystem.com/configs/ 563 B
828 B 20ms
20ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: c7b049c145ebb1fa294c4e99795b1f92876a8c589ad071c735a757cc689ee2ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:48:24 GMT
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 2169
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: 8QEjK1cMhgtrrKQ3hnS7h0rIeDQdIeKGnT4AcbYzK9QHRtHS1Ut1OQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 31ms
31ms XHR
application/json 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fultrasurfing.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: Server /
Resource Hash: c54b4f2646be8a0cd7aeb5db1c6d43ac798de663e034576ce6cf1195da1161dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:00:50 GMT
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 5023
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2424
x-amz-cf-id: lsU9jk2PPYI35asDMAKO0d3FKqXQWYRF1R78nlAebAfjCJZ83jrxUQ==

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 18ms
17ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3AxIn1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 20ms
19ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3AyIn1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 23ms
22ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3AzIn1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 22ms
21ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3A0In1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 20ms
20ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX2JhY2tmaWxsMSJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 21ms
20ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtMSJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 26ms
26ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtMiJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 23ms
23ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtMyJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 25ms
25ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTI3NzcwNzMwNDcsInBhY2tldElkIjoiMDAwMEIwNjUtM2IxMmRjZTMtNGM1YS00MWMxLWI0MTYtZmVjMmIwN2QzOTZlIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtNCJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
BLOB 206
Partial Content a4ef4b25-5ec7-4c1f-aa75-8f70a7193384
https://ultrasurfing.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/a4ef4b25-5ec7-4c1f-aa75-8f70a7193384
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 bridge3.633.0_en.html
imasdk.googleapis.com/js/core/ Frame FF2A 0
0 95ms
30ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.633.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 171292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 249182
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Apr 2024 19:49:41 GMT
expires: Tue, 08 Apr 2025 19:49:41 GMT
last-modified: Mon, 08 Apr 2024 19:45:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 142ms
65ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DF1B 40 KB
14 KB 19ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:33:24 GMT

GET
H2 200 main_00004.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 55 KB
55 KB 27ms
23ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00004.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7f3b9e0014e7de4d85dc74f30ffc7e26bb0ff1d023b5eb93299714e9cf7ecf8c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 259826
x-accel-date: 1712517247
content-length: 55836
x-77-nzt: EgwB1GY4tAHX8vYDAAwBnJIhHwH3GrcFAA
x-accel-expires: @1713179493
x-77-age: 634380
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-da1c"
x-77-nzt-ray: 6d204d116fc3119771e716668a311b05
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00004.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 34ms
31ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00004.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ba215ba34df598608a897a1378c5c68d337ae0b7cc5d3dd6aff569c5c2779826

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 273656
x-accel-date: 1712503417
content-length: 2597
x-77-nzt: EgwB1GY4tAHX+CwEAAwBJRPCMQH3GoEFAA
x-accel-expires: @1713179487
x-77-age: 634386
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119771e71666d0b34205
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 22ms
21ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 08:28:33 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 39361
x-amz-server-side-encryption: AES256
etag: W/"0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: o-AlSNAMZKdlgb9OVEyhHpSLtGPXxohhE9xpTHS1ybNjVwqUS2qtEw==

GET
BLOB 206
Partial Content a4ef4b25-5ec7-4c1f-aa75-8f70a7193384
https://ultrasurfing.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/a4ef4b25-5ec7-4c1f-aa75-8f70a7193384
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 33ms
32ms XHR
application/json 54.155.27.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.27.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-27-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0f7ec2c62febac664cde81008b2ef7f7d0cd25075d077aa0c2e32d8ed7bc2b3f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.24.62
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/ Frame 6FD1 445 KB
139 KB 21ms
21ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

95fce0690ae2dbb70621af1fffb3124901327bddffb4b5155d4afdd0941ed0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 10:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33783
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142420
x-xss-protection: 0
server: cafe
etag: 12585642542182148888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 10:01:30 GMT

GET
H2 200 hbp_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 6FD1 301 KB
96 KB 18ms
18ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475771/hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 10:37:17 GMT
server: nginx
etag: W/"65c35d5d-4b3bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H2 200 hbw_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/eiGAJ/ Frame 6FD1 128 KB
42 KB 40ms
40ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475771/wrapper_hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7c86900d51054aebaa6916bdd456bde9f181229d86f872eec004477f55bc1f1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-200c0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H2 200 main_00005.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 26ms
26ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00005.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 306933f88fe33271cb5c31207d65753523ccc2f6f3af8574e26d57cf66d17458

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 273656
x-accel-date: 1712503417
content-length: 2584
x-77-nzt: EgwB1GY4tAHX+CwEAAwBJRPCMQH3hKgKAA
x-accel-expires: @1712841717
x-77-age: 972156
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a18"
x-77-nzt-ray: 6d204d116fc3119771e71666349d0708
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame A94B 0
0 65ms
65ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvw-u8u532zxbEIVdE9ZuFSb8srLFAIZkBUZt4k0f4ZtXBfrX2pBgNHqqhnTEZ2MU81QOqsB2N7VLi_VUAvb2_la2RRASQCUvvJkh_lXe_rXJg9bB8wC8GQwM8UvRpLTKlw9D5MbBuuJdbwnU9iIP6jVaZWW3ESvGBYV3FI_12sOwNtc6IDIm2zn7ARm7-Ncf09tkvLhjur4D2y1SulPfLZ09AuRLViD5afwntsST_Jd4322dR2BJkSzlNVjW_oRG6k0uEnyGqkDZRleJ1TzYntaLC3yreXWvp3Ui_d_PZobDIYaOe4wR-ontMMSOLBO2mfqHjnJWhMy-hgjKibeOgn7Y4fiPLz3VH0pz6t8HHy6bVtg75e0LdelyjxVCgSfEn8&sig=Cg0ArKJSzCOHJdzk9gk6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame A94B 23 KB
9 KB 21ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H2 200 ultrasurfing.comadpushup.js Show response
jscdn.greeter.me/ Frame A94B 6 KB
2 KB 27ms
27ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fba4c9bf5769360be8ba763b0a155b92da4be6951844388b7d5eaab9822e9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx000006f407324a38eb068-00661693fb-e72359fb-fra1b
age: 1205
x-envoy-upstream-healthchecked-cluster
last-modified: Mon, 08 Apr 2024 10:56:23 GMT
server: cloudflare
etag: W/"4ebdd07aa735d3ba425e07d497b79ed0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 51d73c26-4e7c-47a9-825f-52ce5b5fb0a0
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 87251e2318829fe4-AMS

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A94B 214 KB
65 KB 21ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CD82 0
0 58ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstieXeDihLev9jAwZEseXUhHlkFixjt2Ft_luKoIPXhCDrmGuU86KMOaTJdTeXTQTdkhTR5iZxwBwRgBqPwYv1WrbxOJW0gPoBUSBObCbPshMfGDB-Aj-lXkIYyr3lRC8xKbvZoy8meW31KF8QBrGFujVaw-tyHNP265AHAO48PD6VokCFXJC7_-olFelPtY94llxlA59-TB2wLUMdBph-7wQmtq4YqTBIMnI7-Y3V0fxROQe2uRXuwa6nd3NdH8oVFAQJ3hdcO35X62F7U5WhpuzpT2E6j1kagRczxf9QJBhx0Uk9-9oZDjxdJpsYfDJmLrZoGDr-gB1hn2F-MpdnOKQlhDgTdnPYQlTCPRe-lAMe76b3I6C1jI6Q7EIBoNuci&sig=Cg0ArKJSzDM7XsfivBvnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame CD82 23 KB
9 KB 59ms
57ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H2 200 ultrasurfing.comadpushup.js Show response
jscdn.greeter.me/ Frame CD82 6 KB
2 KB 27ms
25ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fba4c9bf5769360be8ba763b0a155b92da4be6951844388b7d5eaab9822e9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx000006f407324a38eb068-00661693fb-e72359fb-fra1b
age: 1205
x-envoy-upstream-healthchecked-cluster
last-modified: Mon, 08 Apr 2024 10:56:23 GMT
server: cloudflare
etag: W/"4ebdd07aa735d3ba425e07d497b79ed0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 51d73c26-4e7c-47a9-825f-52ce5b5fb0a0
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 87251e2328949fe4-AMS

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CD82 214 KB
65 KB 23ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 134B 0
0 59ms
58ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst-nB8dbOwIE26h0RGWk37gXMpQD8Zff8141dgRTn5SVTd484fL32GSjPa-_Tn-0jgAYHGIbsDBm7vIG9BbuU5u0wGxWS7vg_Sqa7lTtzqdPm6bsgDYHOljjgIHSqa1YHTD1I0CB-sVbFfdzuz1gJZn45ffl-cJ5cA5evYauSrwhSM0Zwrfpu7i7hLvVh_8JnvjjKoLflMo0OOSai5FS8V7CokUrcl1RVJ0fi2ARv5Qgqy0_mVqUz3IUQ1v14z1ZJPM6kZGPtmyxkuVcqheFf4DT5vadDiL8chNEXUCCRGx60_IRLrDRM0DdtMzLEMpRCgl5J_YP73xx2JBDOfym6r7qsiDgS69QhqT3mdf_ewnoW49yhIGpJctTElIZVLB9vjV&sig=Cg0ArKJSzMpJJWyq-OiuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 134B 23 KB
9 KB 47ms
46ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H2 200 a1554043.js Show response
js.genieessp.com/t/554/043/ Frame 134B 0
159 B 753ms
243ms Script
text/plain 222.230.178.146
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/554/043/a1554043.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.146 Chiyoda-ku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 0
warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
content-type: text/plain

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 134B 214 KB
65 KB 22ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2296 0
0 55ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu91vYlPKiwDm9i8iALXZzSzQo0v8HEM8Lb1BeUByXhoLhjh_VSPgOnl7qn8qbqy6r0hwkRw6NHGWwJ0qsh6_5WkOOSjwVmBOtdV4UUvMVAPSHJpflR6ldxti0LIIVhqvTb_of2BHXfzSeEJPKnqiApQm0RJ9MzA1XZ-am8HO5wlPI0ftigFBRgNGIt5qeR688Jpv_JTGBZvJdfRGf2I03mtiaCGJRJCtPXbgL-oS7vsBvaHTD555miQKI21GPlu1hHLo6OK-7uNC7AmApBxT_w_rosuEre_OnmICBwMomBnovteM7qDwU225lJ9Z-5LzwNXUMEqf6S62REW3dbmQ3XtYHbCidAPsFYAm-rxqYpfntfx7PYhH7Zp3AvZsaHFLWQ&sig=Cg0ArKJSzMyXzIQdYmZ1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 2296 23 KB
9 KB 43ms
43ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H2 200 a1554044.js Show response
js.genieessp.com/t/554/044/ Frame 2296 0
158 B 748ms
243ms Script
text/plain 222.230.178.146
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/554/044/a1554044.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.146 Chiyoda-ku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 0
warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
content-type: text/plain

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2296 214 KB
65 KB 26ms
26ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H2 200 main_00005.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 57 KB
58 KB 31ms
31ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00005.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 08dcd4ffa5a2b63749ca40c3f900b1a357a7aadd63bb6fecaac3a513e456527c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 19343
x-accel-date: 1712757730
content-length: 58468
x-77-nzt: EgwB1GY4tAH3j0sAAAwBisclxAH3Z/UOAA
x-accel-expires: @1713788910
x-77-age: 999670
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-e464"
x-77-nzt-ray: 6d204d116fc3119771e71666c6108e0a
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H3 200 inc_ads. Show response
fundingchoicesmessages.google.com/f/AGSKWxVYx4PyLnGQWOFBBguaLe6os8hrMSljByCm2j32y12_epnMCqa8Vnwx_9H4GI2qOu_-Wewy553JaexaihgfiXsuxX6TG_TWL42E6yYjEYuJzySxmLzCQ0Df3Bec8IjE925WH8dmRjOxEb0dq1AEZGGtxDwIv... 54 B
110 B 44ms
43ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVYx4PyLnGQWOFBBguaLe6os8hrMSljByCm2j32y12_epnMCqa8Vnwx_9H4GI2qOu_-Wewy553JaexaihgfiXsuxX6TG_TWL42E6yYjEYuJzySxmLzCQ0Df3Bec8IjE925WH8dmRjOxEb0dq1AEZGGtxDwIvcJre9LQGfCG4aH8ubN_kBO8L2VwfJC2/_/adproxy./ad_title_/st_prebid.js/banner-ad-/inc_ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.EEDv5liViQk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw6yKmZx8PWdI96sOftdH771BF0-g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

0791c13a56bb58bc39defa2eec311621cb93ccfe61fe2a2f306ebc59fdd53c0d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KvJu7CcNi9Opgx8Yc462NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KvJu7CcNi9Opgx8Yc462NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAtxc3w8d3sDm8CCZz-iAWKeNkI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 34ms
33ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

83c5190536a91c27cb47ff9d671f0e992cd9328ed13913920653a9c65140d580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 18:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11532
x-xss-protection: 0
server: cafe
etag: 5275273590851134888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:41:03 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DU5sBbF6ICuHfdF-owwKkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DU5sBbF6ICuHfdF-owwKkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1gDgFiIm-Pjudsb2AQurJwQCQC-1AxZ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475771/ Frame A94B 2 KB
1009 B 14ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475771/hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd5786129d28964994b639cb3bab970479813fc5f60c6281ba6e55098477f5e6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-605"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A94B 91 KB
29 KB 62ms
61ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8175d3e8d96680130d607c1b4397883626f205bfe875ee2664ee71f8ccc9788e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29407
x-xss-protection: 0
server: cafe
etag: 898 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 wrapper_hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475771/ Frame A94B 2 KB
1 KB 14ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475771/wrapper_hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6188b07f531a65a0d53b693f742537d304069074e66c1b1aaca0cc34fb5edfe3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-9fc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A94B 91 KB
29 KB 60ms
60ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6c8bdc518add85534d7901b2b58c908ee5b15a0c6ccc76a7de7b94986911ecad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29409
x-xss-protection: 0
server: cafe
etag: 102 / 19823 / 31082638 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475771/ Frame CD82 2 KB
1009 B 16ms
15ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475771/hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd5786129d28964994b639cb3bab970479813fc5f60c6281ba6e55098477f5e6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-605"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CD82 91 KB
29 KB 64ms
64ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

83cc38b4325ee10e8f336804b60045e5af897b96ddec743bd068bb08cc82dec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29407
x-xss-protection: 0
server: cafe
etag: 751 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 wrapper_hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475771/ Frame CD82 2 KB
1 KB 17ms
16ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475771/wrapper_hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6188b07f531a65a0d53b693f742537d304069074e66c1b1aaca0cc34fb5edfe3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-9fc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CD82 91 KB
29 KB 59ms
59ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f6ae29380f8c0aae61d904fa03b2eca1a0d9b9b8ecab854241df97328a849197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29406
x-xss-protection: 0
server: cafe
etag: 79 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A94B 0
0 56ms
52ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A94B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 549cf81689ec0ca9ad5135716b46ec81c5de80123103bfeb923895d35ed3083a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ Frame 6FD1 11 KB
5 KB 58ms
13ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fultrasurfing.com
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ac5eb4cdef1d6d61e78a8d3b93d76af4e096e531acad963524381cdc7cd6e0f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

expires: Thu, 11 Apr 2024 19:24:33 GMT
date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 00:02:36 GMT
server: nginx
etag: W/"6615d71c-2aba"
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=86400
x-proxy-cache: HIT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6FD1 0
195 B 64ms
15ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=71566867051&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6FD1 0
194 B 73ms
27ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=2176057162&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 6FD1 15 B
413 B 75ms
23ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD82 0
0 50ms
50ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CD82 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da7d1400a01f1224f773622dddab334811d516da76ee8f3a7af251256ea1a4a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
sghb.aplhb.adipolo.com/geo/ Frame 6FD1 151 B
420 B 402ms
18ms XHR
application/json 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 51c75525d7a2c1c5bf13c2161e31a415be759f6ee8b9a7e9242567b0411a6ab2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 19:24:33 GMT
Server: fasthttp
Content-Type: application/json
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame 6FD1 43 B
432 B 403ms
20ms XHR
image/gif 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=755983&site_id=19102&pbjsv=v8.33.2&full_page_url=https%3A%2F%2Fultrasurfing.com&adid=u78vui.rm&features=81952&vpbv=m2317&tte=272&lifecycle_tte=418
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 19:24:33 GMT
Server: fasthttp
Content-Type: image/gif
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6FD1 0
0 57ms
57ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuXr3LRNrgo5PEWXoGKEGU16W7FbDdD4Z0VDzFiJlrzeoIcchOrKK8Bo4sNymZDalhxX9KL99nT6Ajivl7S_UVdqFnYsIeSYyvlgFeTxRri-qKVpO1f9VLJrEdfMTRxT7e-SQ-ldPYSSlmfhPKh4GgJTORBIT4AKYkfbIIFWpiXYVYmcnry7yAALdhGSxtlJ6rXmgBDTRJ443kgs5QvbvnUHpRPxaFDeh1BDdqiXd4a-NbVceTT_r7Fc2BF3kKqkC5OUa4O-WVE1HjvbYscfap90glK_MJO6h6VyfUFicjEOY0aExlgYexVW4shzsX_9qpgWiXiaFMNMeNvj4AIpd5m7j3HETzRIyZ5l9w09FmfuLnYc02CMkF_i98dqCZf6B1g3yQ&sig=Cg0ArKJSzCf9IA3ZFWGYEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 main_00006.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 21ms
21ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00006.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d7e1852e847464aa848dff2855855f2581f7e8e0acba9772af1f2d2043f9a6e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 265291
x-accel-date: 1712511782
content-length: 2597
x-77-nzt: EgwB1GY4tAHXSwwEAAwBJRPCMQH3Fe4KAA
x-accel-expires: @1712832273
x-77-age: 981600
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119771e7166687075613
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 hbp_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame A94B 301 KB
96 KB 15ms
15ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475771/hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 10:37:17 GMT
server: nginx
etag: W/"65c35d5d-4b3bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H2 200 hbw_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/eiGAJ/ Frame A94B 128 KB
42 KB 22ms
22ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475771/wrapper_hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7c86900d51054aebaa6916bdd456bde9f181229d86f872eec004477f55bc1f1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-200c0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uteWEP8Rbc_UsH8K7Qg2Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uteWEP8Rbc_UsH8K7Qg2Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1gDgFiIh-Pjudsb2AQm_Fq2mBEAyycMxQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbp_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame CD82 301 KB
96 KB 19ms
19ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475771/hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 10:37:17 GMT
server: nginx
etag: W/"65c35d5d-4b3bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7JSF8Kd5I4sxPz4AwTFt7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7JSF8Kd5I4sxPz4AwTFt7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1gDgFiIh-Pjudsb2ARmPOhfwggAyZQMlQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FsixTeVuKrSRI_MyIq1oZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FsixTeVuKrSRI_MyIq1oZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1gDgFiIh-Pjudsb2ARWHGtaxggAyq0Mig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWWE8QEeADFpJkYuCBGQYfKJVv2_NO6XIpM-2Rk1DK2fIHyp58fDq58fkjVrs6LgKhNed4zDwQHdlG4gkV50ygreI0Gbu-98JoSbv0IcqiSzGrX_f3eJlKY2Ihdf9_6P4VLc5hBFQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 57ms
57ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWWE8QEeADFpJkYuCBGQYfKJVv2_NO6XIpM-2Rk1DK2fIHyp58fDq58fkjVrs6LgKhNed4zDwQHdlG4gkV50ygreI0Gbu-98JoSbv0IcqiSzGrX_f3eJlKY2Ihdf9_6P4VLc5hBFQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyNzc3MDczLDMyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLG51bGwsW1s4LCJFRUR2NWxpVmlRayJdLFs5LCJubCJdLFsxNiwiWzEsMSwxXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIxNDVdLG51bGwsMF0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

77308032a19eacd23ef73a237f11c36b51d945555c6c282b1b4e8c1fec26d5b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-71BjGPsCrIGEgEPaI_A57w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-71BjGPsCrIGEgEPaI_A57w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcHw8d3sDm8CFKZ0bGQGUnzYC"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbw_release_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/eiGAJ/ Frame CD82 127 KB
42 KB 23ms
22ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_release_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475771/wrapper_hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 61c75078e34610e59261941555b1c34846fcce3dff55115e67fbbe27ae3be651

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 16:26:16 GMT
server: nginx
etag: W/"6616bda8-1fabf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 10 Apr 2024 20:24:33 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/ Frame A94B 445 KB
139 KB 21ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

95fce0690ae2dbb70621af1fffb3124901327bddffb4b5155d4afdd0941ed0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 10:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33819
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142420
x-xss-protection: 0
server: cafe
etag: 12585642542182148888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 10:00:54 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ Frame CD82 443 KB
138 KB 23ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 11:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29996
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 11:04:37 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 6FD1 40 KB
16 KB 254ms
253ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=218440773637057&correlator=2464220974607783&eid=44809527%2C31082601%2C95327819%2C44807747%2C44780990&output=ldjh&gdfp_req=1&vrg=202404080101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=7047%3A22861843909%2Capl%2Cdisplaypartner%2Cneerajanuj%2C22861843909&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C320x50%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712777073360&lmt=1712777073&adxs=632&adys=1150&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=i6vl4599vncu&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&nhd=1&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=728x-1&msz=336x-1&fws=768&ohw=0&ga_vid=473035426.1712777073&ga_sid=1712777073&ga_hid=1731222228&ga_fc=false&dlt=1712777072887&idt=317&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26excl_cat%3DPREPOST&adks=2090182472&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d320abff84a83c6ca3c7b51794f191fddef49b21f6d31c419a5c6894b48738dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16671
x-xss-protection: 0
google-lineitem-id: 6702963581
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138471515095
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6FD1 16 KB
12 KB 69ms
68ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3b6afda6d28f6f7cb2dd513686942c44a3981d21bd4bde0f2b211040cc8d8289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12170
x-xss-protection: 0

GET
H2 200 container.html
a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A7D 0
0 76ms
51ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:33 GMT
expires: Thu, 10 Apr 2025 19:24:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main_00006.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 81 KB
81 KB 26ms
26ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00006.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0794cbf40aacde76108dee95df25fca03a175072b3e56013803e627af964833b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 217547
x-accel-date: 1712559526
content-length: 82720
x-77-nzt: EgwB1GY4tAHXy1EDAAwBJRPCLgH3PFwGAA
x-accel-expires: @1713179498
x-77-age: 634375
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-14320"
x-77-nzt-ray: 6d204d116fc3119771e716665d176916
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ Frame A94B 11 KB
5 KB 14ms
13ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fultrasurfing.com
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ac5eb4cdef1d6d61e78a8d3b93d76af4e096e531acad963524381cdc7cd6e0f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

expires: Thu, 11 Apr 2024 19:24:33 GMT
date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 00:02:36 GMT
server: nginx
etag: W/"6615d71c-2aba"
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ Frame CD82 11 KB
5 KB 17ms
17ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fultrasurfing.com
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ac5eb4cdef1d6d61e78a8d3b93d76af4e096e531acad963524381cdc7cd6e0f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

expires: Thu, 11 Apr 2024 19:24:33 GMT
date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 00:02:36 GMT
server: nginx
etag: W/"6615d71c-2aba"
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
sghb.aplhb.adipolo.com/geo/ Frame A94B 151 B
420 B 339ms
19ms XHR
application/json 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 51c75525d7a2c1c5bf13c2161e31a415be759f6ee8b9a7e9242567b0411a6ab2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 19:24:33 GMT
Server: fasthttp
Content-Type: application/json
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame A94B 43 B
432 B 339ms
19ms XHR
image/gif 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=755983&site_id=19102&pbjsv=v8.33.2&full_page_url=https%3A%2F%2Fultrasurfing.com&adid=u78vz5.3o&features=81952&vpbv=m2317&tte=216&lifecycle_tte=267
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 19:24:33 GMT
Server: fasthttp
Content-Type: image/gif
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H/1.1 200
OK / Show response
sghb.aplhb.adipolo.com/geo/ Frame CD82 151 B
420 B 352ms
17ms XHR
application/json 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_release_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 51c75525d7a2c1c5bf13c2161e31a415be759f6ee8b9a7e9242567b0411a6ab2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 19:24:33 GMT
Server: fasthttp
Content-Type: application/json
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame CD82 43 B
432 B 354ms
18ms XHR
image/gif 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=755983&site_id=19102&pbjsv=v8.33.2&full_page_url=https%3A%2F%2Fultrasurfing.com&adid=u78vzd.in&features=81952&vpbv=r2316&tte=206&lifecycle_tte=263
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_release_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 19:24:33 GMT
Server: fasthttp
Content-Type: image/gif
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 main_00007.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 24ms
24ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00007.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0b870888288fdc85577e8f8f7ca0eb724c54d5f0d98b50f407207aebd3839d88

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 265290
x-accel-date: 1712511783
content-length: 2597
x-77-nzt: EgwB1GY4tAHXSgwEAAwBisclxAH3wKEFAA
x-accel-expires: @1713179495
x-77-age: 634378
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119771e716661a81f817
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CD82 0
194 B 14ms
14ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=45158145635&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CD82 0
194 B 16ms
16ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=14819281952&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame CD82 15 B
412 B 24ms
23ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A94B 0
194 B 15ms
14ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=56109312149&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A94B 0
194 B 14ms
14ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=5204139013&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame A94B 15 B
412 B 56ms
56ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H3 204 AGSKWxX8qVtew9jeo0L9tNIRSPNQjxbOGY_9B_iJx7omRlA5MpRflXIaUEt-oPryDa1u6Tw5FkuwpEHA5SUXfjUq5oqYG-R2lO6hyjd5-4w70xYql_oXC7YQuhGfTPYsaZqG7SU36BGwLA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 29ms
28ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX8qVtew9jeo0L9tNIRSPNQjxbOGY_9B_iJx7omRlA5MpRflXIaUEt-oPryDa1u6Tw5FkuwpEHA5SUXfjUq5oqYG-R2lO6hyjd5-4w70xYql_oXC7YQuhGfTPYsaZqG7SU36BGwLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qRInQuXkJHJ9W0_u9yuPXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-qRInQuXkJHJ9W0_u9yuPXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1gDgFiIh-Pjudsb2AQeHLt_nhEAzbYNTA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRnuQNY5LDZu0drI6SZ0Gloy7HQA3duT1uzyAYLLT18xjO4WucWXkuDcV4619qox3Dz2X6XX07_fEr8oEOuX5zB4phh_h9uAKOtuEH4_1B15zSkm3XLmQHrbVV4_VYkZZJ_HI7aA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2AyT9QT2ifTnzlq4kMHKZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2AyT9QT2ifTnzlq4kMHKZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1gDgFiIh-Pjudsb2ARmvF59kREAy6AM8g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CD82 0
0 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsujZV6VTxpcLbeaHefin2CAxdFWW3v14cLIFey6Vs9nT7mEW1qRqkt33oZ2zBR-xTdcB_fIJF6Czpdw2psSOrMzktAPk4lUKXhVFH8qvO30bSf1CnNsLayBQGImGSWUZVy3MJm8wZYdI1B7bPZuFB8Gs6ZL0s_Jpo0e6LnoqlU5dgKQ6GAIIMcDBs-g41glRT8cwyA4fvN135njpE0q5kFbqLHVEQ9rqd8_WitV02Y8W6zgPwkX1uhSKi9TUGdUDvRmuFK0ygvapnpIs0Vpal6HzTaDyfPCwtRZe5x7bydUWQx1kN2r1YKM0ZoJuM16OrwSeZ_wHmISpQ3XWtKcRQ4QI6DJGn63rkUIRdU4hU69F-SHgJ6-6SL7qC4vO_oi9RdGucE&sig=Cg0ArKJSzJ1Ys8AXpxT9EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame A94B 0
0 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssktRFT9YPnIMcOBPnPEcQV0NfY32sQGqR5_IFyBKp29zhbYUdguWeI8q-r0oZKBGbHOOT9TdtyPhDINu-h6FtA90ja73Kl3xbaHJvZDrYf8QYjz4wKpPnk3fwFYXgps9mpl80v57z3uX0sivoHurS3cO1PsM9vuvnMRNWQY_X7tUJL0wXdxZiEzjEu8wgHBO-cjnPv1HWahMKn_f0Df8kFWRRa-0FkAFLZEDfFzjsk-WqslcE3OJgbaVY_1VmxRVUP9RXtvRnyx22vs9RnU-SCDfs4ZvyeBdsJhuvXARYAnbBYs112RQ4FpaG6YnHIbWzhlv67VM8OOX-thqdvHJ5oZsp4_-gOONXEv4B0KjInt_CzKGQt-ttzY4tmwBaUXN0x_do&sig=Cg0ArKJSzI9r6ODh5fEcEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 floating-unit.20240408-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 51ms
51ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20240408-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0196df6ee49ed43d78f2510ce82faff8c90d77e163dea8fdf4b10fb128fa74cd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: aioSvv8hBL8thHwGCrUxn333o9Dyimx2
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: VZ1GR64YZH3E4H4R
age: 37323
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2508
x-amz-id-2: 96VnvLc7r+4mrmXqBhmUW21iuRKaU3S8CO7YreLFaAybDZmonYgy6B8tBz+kVNZo9yVRML84Sys=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:02:30 GMT
server: AmazonS3
x-timer: S1712777073.472065,VS0,VE0
etag: "550a13438296fc7c28c206ee5ca1c553"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 365

GET
H2 200 UnitFeedManagerMobile.min.js Show response
vidstat.taboola.com/lite-unit/4.8.9/ 122 KB
34 KB 151ms
49ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29d6b86445f31b537c584e82a25747a833d6d21ebaf66eecd1a4926864075419

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 607dba8359ad47c5cb66e6b0ee315d8a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MAD56-P1
age: 123724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34581
x-served-by: cache-mad2200120-MAD
last-modified: Tue, 09 Apr 2024 09:01:12 GMT
server: AmazonS3
x-timer: S1712777074.572877,VS0,VE0
etag: "939742f853c01dcdde5cbb2a32679d47"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 6r5tXolg5pHx6VWgyC58unWkIhVE6PmJHcHt6vsG3xSN1R-K455oNg==
x-cache-hits: 42984

GET
H2 200 feed-card-placeholder.20240408-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240408-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e66077ac683aae40f095833c910c1e8a9079c3791f7a7d0971770b3264f1ffdf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ppe9j5eZYHnfXXhQYFbFGiss93BnDKs4
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: VVNBCMHV47DWRDYX
age: 37331
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: PmRHOBbsXvUDoQPk0jDD6q0rnTmE6ixDu0MKJDY9Vf2c8Gdis5Kq9rc4W5CvJKpGEpgIG89SihA=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:02:22 GMT
server: AmazonS3
x-timer: S1712777073.474396,VS0,VE0
etag: "0fb7d5453dd7287f1491bb912db1d631"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7182

GET
H2 200 userx.20240408-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 53ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240408-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 955d29d5e5633ad8f210695a518f44aae6536f1f30f86cf867ca0884d6096b3e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fCvTPO_WSqCPBuh.p00SVpDE6lXMjCPK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: J7FPQG4PJT1PT95X
age: 37261
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5539
x-amz-id-2: wIkoGWdOCq1bCEtSP5NNFxLPHyoHdYQzQ4Vhqo+6mJr7mg/20HEZIt672YnZRp4Eulvq6ni4OTY=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:03:32 GMT
server: AmazonS3
x-timer: S1712777073.481798,VS0,VE0
etag: "51f74c335cc40801bd8d200530af74aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1712

GET
H2 200 distance-from-article.20240408-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 53ms
53ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240408-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cc8c92b47c572f70fdfcebe469f0f23073b87c309196729e48a5cc73922b2a1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .jzSlldEcrCZAionZfN2idwjD1zVgEAK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: XZWB2722VZPMHEV9
age: 37344
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1523
x-amz-id-2: xMRhVQsFV6B/vZ0Qt3IWVy2JEhhBMV/Smf1g2hyRIe+pko78xmYVSzoBcNHjDb8SNu8DnmuqGwE=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:02:08 GMT
server: AmazonS3
x-timer: S1712777073.482063,VS0,VE0
etag: "f63242cd269d86c18cca12fef6161ad0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6957

GET
H2 200 article-detection.20240408-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 53ms
53ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240408-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b3dd7ed252cc316eaffe5cb1cc5d973f2d3ae3184ca143b206255459ad026b8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ZFkaQYXuKBWY2nmyIaMXPeflDIn3uvEw
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: EEDRQ4J4AVRE5AD1
age: 37367
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: Cf9VSdXPY4Hdu2riGJRLJ4Cn9fx9Q7iJRyVT2mCUxHIGrY88wxWsj+REOaMLVJHrJEImzGOd2tI=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:01:46 GMT
server: AmazonS3
x-timer: S1712777073.482098,VS0,VE0
etag: "68c1f498fffa806c06bdcd0e7d8bbd30"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 19
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7014

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 53ms
53ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: EXTXG0N2Q1D7KBSV
age: 39
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Pt7v4aoAVpJsKmAnzr5k99Ext/Kj7E7B8TIJzAuaqEH46Oxo6mgI9Z0UEFH//ncKxvYvG8UezcI=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1712777073.486520,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 17
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 73

POST
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 32ms
13ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=16048&tvi50=15661&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1712777073458%7D&tim=21%3A24%3A33.458&id=6019&llvl=2&ri=34aba7a2b94fe33095dc5eacb6b5af26&sd=v2_af8a6ec550018537059c92a8c705b06e_de1af9de-da89-4443-9265-156740178840-tuctd106cf1_1712777073_1712777073_CIi3jgYQ8-NDGMui4MvsMSABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=de1af9de-da89-4443-9265-156740178840-tuctd106cf1&pi=/&wi=-1709852854480885386&pt=home&vi=1712777072971&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=21%3A24%3A33.434&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=3012&cv=20240408-4-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17266

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 31ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=16048&tvi50=15661&lti=deflated&ri=34aba7a2b94fe33095dc5eacb6b5af26&sd=v2_af8a6ec550018537059c92a8c705b06e_de1af9de-da89-4443-9265-156740178840-tuctd106cf1_1712777073_1712777073_CIi3jgYQ8-NDGMui4MvsMSABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=de1af9de-da89-4443-9265-156740178840-tuctd106cf1&pi=/&wi=-1709852854480885386&pt=home&vi=1712777072971&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=21%3A24%3A33.439&id=7634&llvl=2&cv=20240408-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 31ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=16048&tvi50=15661&lti=deflated&ri=34aba7a2b94fe33095dc5eacb6b5af26&sd=v2_af8a6ec550018537059c92a8c705b06e_de1af9de-da89-4443-9265-156740178840-tuctd106cf1_1712777073_1712777073_CIi3jgYQ8-NDGMui4MvsMSABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=de1af9de-da89-4443-9265-156740178840-tuctd106cf1&pi=/&wi=-1709852854480885386&pt=home&vi=1712777072971&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1712777073445%7D&tim=21%3A24%3A33.445&id=8889&llvl=2&cv=20240408-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
89 B 30ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=21%3A24%3A33.456&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=7221&cv=20240408-4-RELEASE&lt=deflated&idx=pc&pc=split-1&st=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16725

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FD1 17 KB
6 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 29 KB
9 KB 486ms
486ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=21%3A24%3A33.484&route=AM:AM:V&tvi2=16048&tvi50=15661&lti=deflated&data=%7B%22id%22%3A237%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_af8a6ec550018537059c92a8c705b06e_de1af9de-da89-4443-9265-156740178840-tuctd106cf1_1712777073_1712777073_CIi3jgYQ8-NDGMui4MvsMSABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaI670Mmdm5iQc3AA%22%2C%22ui%22%3A%22de1af9de-da89-4443-9265-156740178840-tuctd106cf1%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1712739798959%2C%22vi%22%3A1712777072971%2C%22cv%22%3A%2220240408-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A800%2C%22sh%22%3A600%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2909%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1056.96875%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82058dc4365b2361a3e52046e42ab931f6412de09d8588853b1a8ec06e4db0f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 410
date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
via: 1.1 varnish
x-datadome: protected
cpu: 1.0304166666666668
x-fastly-to-nlb-rtt: 28375
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-mad22038-MAD
x-log-content-encoding: gzip
server: nginx
x-timer: S1712777074.517989,VS0,VS0,VE410
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?tvi2=16048&tvi50=15661&route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 c6c0b93bdd7f4d0c413cfb7b3eaccfd0
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 57ms
56ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edaaffb403fc27b48b387a23a96224a3b248c05251d4e03423b5341cb5f224a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
age: 599894
edge-cache-tag: 625370004747868633354619773296754255184,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625370004747868633354619773296754255184,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 83
req-referer: https://cdn.taboola.com/
content-length: 11680
x-request-id: 7474c94f9dcb735a75a327c49ff4a30d
x-served-by: cache-iad-kiad7000058-IAD, cache-iad-kiad7000058-IAD, cache-lga21983-LGA, cache-iad-kjyo7100034-IAD, cache-mad22038-MAD
last-modified: Wed, 03 Apr 2024 20:32:07 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=22933,owidth=1024,oheight=576,obytes=42619,ef=(1,13,17,23,30)
x-timer: S1712777074.523379,VS0,VE2
etag: "25fc539de95c83bb5487b7711748da1f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 12, 0

GET
H2 200 1fd07a160214f8fe334ef561930bfc47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 55ms
54ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7b3207bde2337d74fb51f934d5095994220c069871b9c31710cd2deb19c6b2c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
age: 185078
edge-cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 142
expiration: expiry-date="Wed, 24 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.macombdaily.com/
content-length: 16362
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100078-IAD, cache-lax-kwhp1940076-LAX, cache-iad-kiad7000123-IAD, cache-mad22038-MAD
last-modified: Sun, 24 Mar 2024 18:54:06 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=16362,owidth=1000,oheight=600,obytes=337911,ef=(1,13,17,23,30)
x-timer: S1712777074.524360,VS0,VE0
etag: "bd705815a3e6168b10df965f5126c740"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 5, 3

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 57ms
57ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 887f9a06c248d31c5637b53a68fa61a81392f67f137e0c93fa33e7dca3ee2aad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 1337461
edge-cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 59
expiration: expiry-date="Fri, 19 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://weather.com/
content-length: 15116
x-served-by: cache-iad-kjyo7100113-IAD, cache-iad-kjyo7100042-IAD, cache-iad-kiad7000136-IAD, cache-mad22038-MAD
last-modified: Tue, 19 Mar 2024 05:25:15 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15116,owidth=2139,oheight=1197,obytes=122388,ef=(1,13,17,23,30)
x-timer: S1712777074.525114,VS0,VE1
etag: "c64de5afe6c88990dc4e3d4d7d879f65"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 20087, 0

GET
H2 200 a811b077fb96251f2a0ee12223b400eb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 58ms
58ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a811b077fb96251f2a0ee12223b400eb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: debf4f2b0c5d2502f55776ae021dcf79feb8ed1d57b0639b4c7bab25a0bea40e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a811b077fb96251f2a0ee12223b400eb.jpg
age: 2267921
edge-cache-tag: 410253116549198623304330710546127138929,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 410253116549198623304330710546127138929,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 82
req-referer: https://www.indiatoday.in/
content-length: 16682
x-request-id: 37c312a9199d28723c177ea7505a9bf3
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kiad7000143-IAD, cache-lax-kwhp1940080-LAX, cache-iad-kjyo7100087-IAD, cache-mad22038-MAD
last-modified: Fri, 15 Mar 2024 06:55:21 GMT
server: nginx
surrogate-reporting: width=626,height=347,bytes=16682,owidth=626,oheight=417,obytes=31616,ef=(1,13,17,23,30)
x-timer: S1712777074.527265,VS0,VE1
etag: "260465d8e8bd337ffac42d69e9cfd17e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 15, 0

GET
H2 200 057581c87670dd306da4c49c24079e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 179ms
179ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fab174f5f557a25dc9a4d9f5364b533b2d318315499624e8eeaa6a6df923c7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 67
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
age: 1504771
edge-cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 130
expiration: expiry-date="Wed, 27 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sozcu.com.tr/
content-length: 16376
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kcgs7200111-IAD, cache-lga21932-LGA, cache-iad-kcgs7200050-IAD, cache-mad22038-MAD
last-modified: Sun, 25 Feb 2024 01:08:44 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=56874,owidth=1200,oheight=800,obytes=502835,ef=(1,13,17,23,30)
x-timer: S1712777074.532568,VS0,VE67
etag: "c0226d5ae26611b528f0f10bba2b1f97"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 40, 1, 39, 0

GET
H2 200 c8c6bc7f6a33ac291b32692daa969bcc.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_0/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 53ms
53ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_0/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c6bc7f6a33ac291b32692daa969bcc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fffb21aa63c9893df68b0a208972a23167c4391b9185cf5f673262dc8de9350a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_0/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c6bc7f6a33ac291b32692daa969bcc.jpg
age: 197605
edge-cache-tag: 422362691372295551694577853886639507730,496622254364126636278256746074691194878,29ecf9b93bbf306179626feeda1fab70
cache-tag: 422362691372295551694577853886639507730,496622254364126636278256746074691194878,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 444
req-referer: https://www.lefigaro.fr/marseille/marseille-un-homme-tue-au-cours-d-une-fusillade-20240408
content-length: 17244
x-request-id: 6a5d2df1c128310d9151542050a356e1
x-served-by: cache-iad-kiad7000023-IAD, cache-iad-kjyo7100179-IAD, cache-iad-kcgs7200044-IAD, cache-mad22038-MAD
last-modified: Thu, 04 Apr 2024 15:37:01 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=17244,owidth=1000,oheight=600,obytes=114997,ef=(1,13,17,23,30)
x-timer: S1712777074.536463,VS0,VE1
etag: "ca8fe56ae0c2dbea89724f57076fe5e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 0

GET
H2 200 cbc4ff48a0d97ad461cb9251ebd9413a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 124ms
123ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc4ff48a0d97ad461cb9251ebd9413a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f19b074f93f40ee190ec21c5e0185f9fdf8758082d44b773ead879e31bf19a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc4ff48a0d97ad461cb9251ebd9413a.jpg
age: 876321
edge-cache-tag: 490625937695170614972830461588672232188,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 490625937695170614972830461588672232188,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 676
expiration: expiry-date="Fri, 05 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wiadomosci.dziennik.pl/
content-length: 11000
x-served-by: cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100020-IAD, cache-iad-kcgs7200033-IAD, cache-mad22038-MAD
last-modified: Tue, 05 Mar 2024 15:45:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=11000,owidth=6314,oheight=3446,obytes=4208455,ef=(1,13,17,23,30)
x-timer: S1712777074.579809,VS0,VE2
etag: "33abb650e1b351e23126d7a1cffbc554"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 41, 0

GET
H2 200 d9fe27b41022512a6a669a2ad33725bd.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
18 KB 152ms
152ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9fe27b41022512a6a669a2ad33725bd.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef079198fc55d2a6c7af73ce28711b2120c035c8c7127b47c98e17abbf38e2e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 99
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9fe27b41022512a6a669a2ad33725bd.jpeg
age: 122752
edge-cache-tag: 371181728040333977515253672189178714251,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371181728040333977515253672189178714251,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 58
req-referer: https://www.sheee.co.il/
content-length: 18061
x-request-id: 6b1bfab25f955cc54ffcd9c33b6bd27b
x-served-by: cache-iad-kiad7000137-IAD, cache-iad-kjyo7100124-IAD, cache-iad-kcgs7200163-IAD, cache-mad22038-MAD
last-modified: Mon, 08 Apr 2024 14:59:56 GMT
server: nginx
surrogate-reporting: width=480,height=400,bytes=18061,owidth=600,oheight=400,obytes=25792,ef=(1,13,17,23,30)
x-timer: S1712777074.581957,VS0,VE99
etag: "bf08ce9c3ab44235af286ed8866bc585"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3, 0

GET
H2 200 50f0cb8c61ad1a96006372b4cbc8f87a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 118ms
118ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50f0cb8c61ad1a96006372b4cbc8f87a.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3583a4abef8e9e98c438e02a69aeb4ade835a37dab6b2ed65aeb2afff58f355a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50f0cb8c61ad1a96006372b4cbc8f87a.png
age: 679868
edge-cache-tag: 533991243108981189632064701453487622647,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 533991243108981189632064701453487622647,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 146
expiration: expiry-date="Fri, 23 Feb 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://topgentlemen.com/
content-length: 25912
x-served-by: cache-iad-kiad7000086-IAD, cache-iad-kjyo7100109-IAD, cache-lax-kwhp1940064-LAX, cache-iad-kjyo7100062-IAD, cache-mad22038-MAD
last-modified: Tue, 23 Jan 2024 12:45:19 GMT
server: nginx
surrogate-reporting: width=614,height=512,bytes=25912,owidth=780,oheight=512,obytes=384228,ef=(1,13,17,23,30)
x-timer: S1712777074.588804,VS0,VE2
etag: "b2b836de966b35cf4eb50d719fca2c26"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8, 0, 3, 0

GET
H2 200 586416558__VgNU5kgT.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1430%2Cx_0%2Cy_70/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/ 13 KB
14 KB 116ms
116ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1430%2Cx_0%2Cy_70/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/586416558__VgNU5kgT.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d1698cd130c6df5ca320526301408bb5363c7c44400d85a2b754e9ce563dec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1430%2Cx_0%2Cy_70/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/586416558__VgNU5kgT.jpg
age: 2853487
edge-cache-tag: 487636452132588620642873085923528855714,417271263870181539336108947165387010294,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487636452132588620642873085923528855714,417271263870181539336108947165387010294,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 89
req-referer: https://www.zeebiz.com/
content-length: 13302
x-request-id: efc8b2a7c5d51dfcf64b91b9df2f40d5
x-served-by: cache-iad-kjyo7100106-IAD, cache-iad-kiad7000174-IAD, cache-iad-kiad7000179-IAD, cache-mad22038-MAD
last-modified: Mon, 26 Feb 2024 20:34:42 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=19518,owidth=2121,oheight=1414,obytes=1797997,ef=(1,13,17,23,30)
x-timer: S1712777074.592916,VS0,VE2
etag: "e445beabe83c9a7510f0f6e2c15de9b3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 65, 0

GET
H2 206 https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1679261701%2Fgdetfj8uapoef9uovk9f.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 686 KB
687 KB 64ms
56ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1679261701%2Fgdetfj8uapoef9uovk9f.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.44 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d290e69efca60b326720ab2ed0cb527f993c0cb829c0f8ad08d72a37dde79173

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=604800
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 10 Apr 2024 19:24:33 GMT
age: 1770084
x-cache: HIT, HIT
Content-Range: bytes 0-702591/702592
server-timing: cld-akam;mitm=f;dur=60;start=2023-11-20T02:30:24.328Z;desc=miss,rtt;dur=0,content-info;desc="width=800,height=450,abps=106185,fps=60.0,du=6.617,vc=\"h264\",bytes=702592",cloudinary;dur=160;start=2023-11-19T16:29:42.842Z
Content-Length: 702592
x-backend-name: fastlyshield--shield_cache_iad_kjyo7100147_IAD
x-served-by: cache-iad-kjyo7100147-IAD, cache-mad22038-MAD
last-modified: Wed, 11 Oct 2023 12:46:36 GMT
server: Cloudinary
x-timer: S1712777074.546983,VS0,VE1
etag: "2b3c528681461a17cb8b4bd755e8d23a"
vary: /video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1679261701%2Fgdetfj8uapoef9uovk9f.mp4
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 609037, 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame CD82 40 KB
16 KB 264ms
264ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4347819422954074&correlator=1159380750969057&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=7047%3A22861843909%2Capl%2Cdisplaypartner%2Cneerajanuj%2C22861843909&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C320x50%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712777073510&lmt=1712777073&adxs=237&adys=920&biw=1600&bih=1200&isw=120&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=7h868hjdwhq5&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&nhd=1&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=120x-1&msz=336x-1&fws=768&ohw=0&ga_vid=377250225.1712777074&ga_sid=1712777074&ga_hid=1911319845&ga_fc=false&dlt=1712777073129&idt=265&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26excl_cat%3DPREPOST&adks=2090182472&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

985b3bd8d51c73637e709cc2fea41c7dfcfc8e47f6ab86b870ae437c5ee7bfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16646
x-xss-protection: 0
google-lineitem-id: 6702963581
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138471515095
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CD82 16 KB
12 KB 65ms
65ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

cd9762aa8a69456cd0112d3b546da6ae49ce29fe2d2e356b6cc70c1b618c196d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0

GET
H2 200 container.html
12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1ACB 0
0 78ms
51ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:33 GMT
expires: Thu, 10 Apr 2025 19:24:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main_00007.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 80 KB
80 KB 28ms
28ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00007.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a1f8830bf12c161fff76ea8052efecbe1e35a118f80e8492a0e9bcb765e1c5e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 82992
x-accel-date: 1712694081
content-length: 81592
x-77-nzt: EgwB1GY4tAHXMEQBAAwBJRPCMQH3G3sNAA
x-accel-expires: @1712847398
x-77-age: 966475
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-13eb8"
x-77-nzt-ray: 6d204d116fc3119771e716661eca931f
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00008.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 37ms
37ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00008.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3e7ef45e2bd7b402fb8e5b1e3fc9e87a9f647ae661caf403c1d2d31eb70de2ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 265288
x-accel-date: 1712511785
content-length: 2597
x-77-nzt: EgwB1GY4tAHXSAwEAAwB1GY4EQH3CZ0FAA
x-accel-expires: @1713180704
x-77-age: 633169
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119771e71666382eb41f
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 next-up-widget.20240408-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 83ms
83ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20240408-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6297366ae04118f8186b03b309a16b387b1f53b7dbdf89eb72af7f846af4b708

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: aaepFBgu56ubzoHKKYi10RD0IyLDuGg0
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:33 GMT
x-amz-request-id: NJAG9TMJJZ32Z0DS
age: 37311
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4671
x-amz-id-2: lQfTKuQOBbcauLVSZJHVerDxD6L70LcNlfi3fS6iwwq8dtLGgKc9Om7GFF+JAAB1bsznVrvrfwg=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 10 Apr 2024 09:02:42 GMT
server: AmazonS3
x-timer: S1712777074.549246,VS0,VE0
etag: "7fd8905c3821681d52e2cd34b4ef588a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 18
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 362

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=16048&tvi50=15661&lti=deflated&ri=34aba7a2b94fe33095dc5eacb6b5af26&sd=v2_af8a6ec550018537059c92a8c705b06e_de1af9de-da89-4443-9265-156740178840-tuctd106cf1_1712777073_1712777073_CIi3jgYQ8-NDGMui4MvsMSABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=de1af9de-da89-4443-9265-156740178840-tuctd106cf1&pi=/&wi=-1709852854480885386&pt=home&vi=1712777072971&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22296.96875%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A24%3A33.526&id=1458&llvl=2&cv=20240408-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame A94B 40 KB
16 KB 245ms
245ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1380143462799882&correlator=229803309586708&eid=31079956%2C31081518%2C31082638%2C95327819%2C44807746%2C21065724&output=ldjh&gdfp_req=1&vrg=202404080101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=7047%3A22861843909%2Capl%2Cdisplaypartner%2Cneerajanuj%2C22861843909&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C320x50%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712777073530&lmt=1712777073&adxs=642&adys=305&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=51738hzlmja&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&nhd=1&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=300x-1&msz=336x-1&fws=768&ohw=0&ga_vid=959987458.1712777074&ga_sid=1712777074&ga_hid=39231504&ga_fc=false&dlt=1712777073123&idt=282&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26excl_cat%3DPREPOST&adks=2090182472&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4cbae368c243b50f95ac6d20be51d092cc76e25949a6d6596bda864a0b341365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16632
x-xss-protection: 0
google-lineitem-id: 6702963581
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138471515095
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A94B 16 KB
12 KB 65ms
65ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3206614759e8368b597cad0b1ecff9800d100a32c884462f8383bde108401c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12273
x-xss-protection: 0

GET
H2 200 container.html
e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F75 0
0 65ms
51ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:33 GMT
expires: Thu, 10 Apr 2025 19:24:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7b3207bde2337d74fb51f934d5095994220c069871b9c31710cd2deb19c6b2c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
age: 185078
edge-cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 142
expiration: expiry-date="Wed, 24 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.macombdaily.com/
content-length: 16362
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100078-IAD, cache-lax-kwhp1940076-LAX, cache-iad-kiad7000123-IAD, cache-mad22038-MAD
last-modified: Sun, 24 Mar 2024 18:54:06 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=16362,owidth=1000,oheight=600,obytes=337911,ef=(1,13,17,23,30)
x-timer: S1712777074.582407,VS0,VE0
etag: "bd705815a3e6168b10df965f5126c740"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 5, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edaaffb403fc27b48b387a23a96224a3b248c05251d4e03423b5341cb5f224a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
age: 599894
edge-cache-tag: 625370004747868633354619773296754255184,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625370004747868633354619773296754255184,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 83
req-referer: https://cdn.taboola.com/
content-length: 11680
x-request-id: 7474c94f9dcb735a75a327c49ff4a30d
x-served-by: cache-iad-kiad7000058-IAD, cache-iad-kiad7000058-IAD, cache-lga21983-LGA, cache-iad-kjyo7100034-IAD, cache-mad22038-MAD
last-modified: Wed, 03 Apr 2024 20:32:07 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=22933,owidth=1024,oheight=576,obytes=42619,ef=(1,13,17,23,30)
x-timer: S1712777074.597664,VS0,VE1
etag: "25fc539de95c83bb5487b7711748da1f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 12, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 887f9a06c248d31c5637b53a68fa61a81392f67f137e0c93fa33e7dca3ee2aad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 1337461
edge-cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 59
expiration: expiry-date="Fri, 19 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://weather.com/
content-length: 15116
x-served-by: cache-iad-kjyo7100113-IAD, cache-iad-kjyo7100042-IAD, cache-iad-kiad7000136-IAD, cache-mad22038-MAD
last-modified: Tue, 19 Mar 2024 05:25:15 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15116,owidth=2139,oheight=1197,obytes=122388,ef=(1,13,17,23,30)
x-timer: S1712777074.714783,VS0,VE1
etag: "c64de5afe6c88990dc4e3d4d7d879f65"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 20087, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a811b077fb96251f2a0ee12223b400eb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: debf4f2b0c5d2502f55776ae021dcf79feb8ed1d57b0639b4c7bab25a0bea40e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a811b077fb96251f2a0ee12223b400eb.jpg
age: 2267921
edge-cache-tag: 410253116549198623304330710546127138929,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 410253116549198623304330710546127138929,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 82
req-referer: https://www.indiatoday.in/
content-length: 16682
x-request-id: 37c312a9199d28723c177ea7505a9bf3
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kiad7000143-IAD, cache-lax-kwhp1940080-LAX, cache-iad-kjyo7100087-IAD, cache-mad22038-MAD
last-modified: Fri, 15 Mar 2024 06:55:21 GMT
server: nginx
surrogate-reporting: width=626,height=347,bytes=16682,owidth=626,oheight=417,obytes=31616,ef=(1,13,17,23,30)
x-timer: S1712777074.714760,VS0,VE1
etag: "260465d8e8bd337ffac42d69e9cfd17e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 15, 1

GET
H2 200 main_00008.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 79 KB
79 KB 25ms
25ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00008.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d2cac5f55d8f1e96424c5fc6755ba87d861ffafc203e20ee74141796f40bcfb1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:33 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 233248
x-accel-date: 1712543825
content-length: 80464
x-77-nzt: EgwB1GY4tAHXII8DAAwB1GY4EQH3la0AAA
x-accel-expires: @1713536188
x-77-age: 277685
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-13a50"
x-77-nzt-ray: 6d204d116fc3119771e71666ea30ec21
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_0/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c6bc7f6a33ac291b32692daa969bcc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fffb21aa63c9893df68b0a208972a23167c4391b9185cf5f673262dc8de9350a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1000%2Cx_0%2Cy_0/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8c6bc7f6a33ac291b32692daa969bcc.jpg
age: 197605
edge-cache-tag: 422362691372295551694577853886639507730,496622254364126636278256746074691194878,29ecf9b93bbf306179626feeda1fab70
cache-tag: 422362691372295551694577853886639507730,496622254364126636278256746074691194878,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 444
req-referer: https://www.lefigaro.fr/marseille/marseille-un-homme-tue-au-cours-d-une-fusillade-20240408
content-length: 17244
x-request-id: 6a5d2df1c128310d9151542050a356e1
x-served-by: cache-iad-kiad7000023-IAD, cache-iad-kjyo7100179-IAD, cache-iad-kcgs7200044-IAD, cache-mad22038-MAD
last-modified: Thu, 04 Apr 2024 15:37:01 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=17244,owidth=1000,oheight=600,obytes=114997,ef=(1,13,17,23,30)
x-timer: S1712777074.714807,VS0,VE1
etag: "ca8fe56ae0c2dbea89724f57076fe5e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CD82 17 KB
6 KB 52ms
52ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A94B 17 KB
6 KB 57ms
57ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EF2 0
0 20ms
20ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2832 0
0 53ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssMJ2-4yN-EqXarrMf6bdXwoLeTNI6C_Xfv6p0N9wWIdf442Vl77T9keUge__5fxhNoVSx8YqCt2T1FnDWBUJCY_g6InGH9yc19LDOB31hC0moPutdhHdkMGaE-S-EIBOJMsa0Xr45pEH1-WXkq3OfnZfoe0fXyIZIebrRKYAIFMXcr5YAktDG6urX2fchH91rmYtUX4k_-zbuZ3eo98LnGBCFKrjQP3bTsKIZb9NgFnnpApn0Lm6TPxyVLDOo0p7ROESEQigd7O5ykQ1O8IdkC7MML9X85EKPW2KNmM_qLeH1KrskqhmHEaYTPplq4l9_if_LzXWEawkF162qiM49eFoOfykWTENRrOuFUygHJ6TzSgUFCEtTe5Jm6SgrbkYuJ2_4o1moqDl6zLYGysF3E9cPrHZ6ynw9n&sig=Cg0ArKJSzEt8JSz5GxatEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 2832 23 KB
9 KB 22ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2832 91 KB
29 KB 62ms
62ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

11a36f483b15177af560a61b71b2db2fe51229dc56c886281cbbbfe5cf8aac6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29407
x-xss-protection: 0
server: cafe
etag: 976 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2832 214 KB
65 KB 22ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?tvi2=16048&tvi50=15661&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 c6c0b93bdd7f4d0c413cfb7b3eaccfd0
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 56ms
54ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53c112aa735a17c856d7898b93892f6fdb31c173dc39eac3fce0ccf455028590

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
age: 396921
edge-cache-tag: 625370004747868633354619773296754255184,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625370004747868633354619773296754255184,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 15
req-referer: https://flytant.com/
content-length: 9215
x-request-id: 86f90c08568cb2fbe20ac2c32500838e
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kjyo7100080-IAD, cache-lga21980-LGA, cache-iad-kiad7000120-IAD, cache-mad22038-MAD
last-modified: Wed, 03 Apr 2024 20:32:07 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=9215,owidth=1024,oheight=576,obytes=42619,ef=(1,13,17,23,30)
x-timer: S1712777074.714717,VS0,VE1
etag: "a339920174b30a87fe21fb7a2c14f471"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 68, 0

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A320 0
0 23ms
22ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A95 0
0 21ms
19ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2832 0
0 50ms
50ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cbc4ff48a0d97ad461cb9251ebd9413a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 52ms
52ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc4ff48a0d97ad461cb9251ebd9413a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f19b074f93f40ee190ec21c5e0185f9fdf8758082d44b773ead879e31bf19a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc4ff48a0d97ad461cb9251ebd9413a.jpg
age: 876321
edge-cache-tag: 490625937695170614972830461588672232188,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 490625937695170614972830461588672232188,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 676
expiration: expiry-date="Fri, 05 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wiadomosci.dziennik.pl/
content-length: 11000
x-served-by: cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100020-IAD, cache-iad-kcgs7200033-IAD, cache-mad22038-MAD
last-modified: Tue, 05 Mar 2024 15:45:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=11000,owidth=6314,oheight=3446,obytes=4208455,ef=(1,13,17,23,30)
x-timer: S1712777074.729449,VS0,VE1
etag: "33abb650e1b351e23126d7a1cffbc554"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 41, 1

GET
DATA 200
OK truncated
/ Frame 2832 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c44101b466c122e6a5b0d49a20ff71202dbad674e325934707ceb1170161b18e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50f0cb8c61ad1a96006372b4cbc8f87a.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3583a4abef8e9e98c438e02a69aeb4ade835a37dab6b2ed65aeb2afff58f355a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50f0cb8c61ad1a96006372b4cbc8f87a.png
age: 679868
edge-cache-tag: 533991243108981189632064701453487622647,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 533991243108981189632064701453487622647,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 146
expiration: expiry-date="Fri, 23 Feb 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://topgentlemen.com/
content-length: 25912
x-served-by: cache-iad-kiad7000086-IAD, cache-iad-kjyo7100109-IAD, cache-lax-kwhp1940064-LAX, cache-iad-kjyo7100062-IAD, cache-mad22038-MAD
last-modified: Tue, 23 Jan 2024 12:45:19 GMT
server: nginx
surrogate-reporting: width=614,height=512,bytes=25912,owidth=780,oheight=512,obytes=384228,ef=(1,13,17,23,30)
x-timer: S1712777074.736225,VS0,VE1
etag: "b2b836de966b35cf4eb50d719fca2c26"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8, 0, 3, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1430%2Cx_0%2Cy_70/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/586416558__VgNU5kgT.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d1698cd130c6df5ca320526301408bb5363c7c44400d85a2b754e9ce563dec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1430%2Cx_0%2Cy_70/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/586416558__VgNU5kgT.jpg
age: 2853487
edge-cache-tag: 487636452132588620642873085923528855714,417271263870181539336108947165387010294,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487636452132588620642873085923528855714,417271263870181539336108947165387010294,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 89
req-referer: https://www.zeebiz.com/
content-length: 13302
x-request-id: efc8b2a7c5d51dfcf64b91b9df2f40d5
x-served-by: cache-iad-kjyo7100106-IAD, cache-iad-kiad7000174-IAD, cache-iad-kiad7000179-IAD, cache-mad22038-MAD
last-modified: Mon, 26 Feb 2024 20:34:42 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=19518,owidth=2121,oheight=1414,obytes=1797997,ef=(1,13,17,23,30)
x-timer: S1712777074.768700,VS0,VE1
etag: "e445beabe83c9a7510f0f6e2c15de9b3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 65, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fab174f5f557a25dc9a4d9f5364b533b2d318315499624e8eeaa6a6df923c7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
age: 1504771
edge-cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 130
expiration: expiry-date="Wed, 27 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sozcu.com.tr/
content-length: 16376
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kcgs7200111-IAD, cache-lga21932-LGA, cache-iad-kcgs7200050-IAD, cache-mad22038-MAD
last-modified: Sun, 25 Feb 2024 01:08:44 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=56874,owidth=1200,oheight=800,obytes=502835,ef=(1,13,17,23,30)
x-timer: S1712777074.773217,VS0,VE1
etag: "c0226d5ae26611b528f0f10bba2b1f97"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 40, 1, 39, 1

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ Frame 2832 443 KB
138 KB 21ms
21ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 11:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29996
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 11:04:37 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9fe27b41022512a6a669a2ad33725bd.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef079198fc55d2a6c7af73ce28711b2120c035c8c7127b47c98e17abbf38e2e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9fe27b41022512a6a669a2ad33725bd.jpeg
age: 122752
edge-cache-tag: 371181728040333977515253672189178714251,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371181728040333977515253672189178714251,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 58
req-referer: https://www.sheee.co.il/
content-length: 18061
x-request-id: 6b1bfab25f955cc54ffcd9c33b6bd27b
x-served-by: cache-iad-kiad7000137-IAD, cache-iad-kjyo7100124-IAD, cache-iad-kcgs7200163-IAD, cache-mad22038-MAD
last-modified: Mon, 08 Apr 2024 14:59:56 GMT
server: nginx
surrogate-reporting: width=480,height=400,bytes=18061,owidth=600,oheight=400,obytes=25792,ef=(1,13,17,23,30)
x-timer: S1712777074.773196,VS0,VE1
etag: "bf08ce9c3ab44235af286ed8866bc585"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53c112aa735a17c856d7898b93892f6fdb31c173dc39eac3fce0ccf455028590

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6c0b93bdd7f4d0c413cfb7b3eaccfd0
age: 396921
edge-cache-tag: 625370004747868633354619773296754255184,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625370004747868633354619773296754255184,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 15
req-referer: https://flytant.com/
content-length: 9215
x-request-id: 86f90c08568cb2fbe20ac2c32500838e
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kjyo7100080-IAD, cache-lga21980-LGA, cache-iad-kiad7000120-IAD, cache-mad22038-MAD
last-modified: Wed, 03 Apr 2024 20:32:07 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=9215,owidth=1024,oheight=576,obytes=42619,ef=(1,13,17,23,30)
x-timer: S1712777074.781021,VS0,VE2
etag: "a339920174b30a87fe21fb7a2c14f471"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 68, 1

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2832 0
0 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst6VMYEhhgnNJ_n-_yG-bnL_0sLbbWajkqHJsbOLAj6askiIJ1BeQXZIprY0WAhaBFClCB6xx2ndRihGMaRkelxgMhkP7eUARnIdkMrpR4kKYLvIVApcIvKwXupngCy3R0WkjR0J4c4pBmKIMnb_1dQ49_Gh_GaqT--0SWuUXmOLhspwNia6L4yLMllrJvET6F35mFQw5QHGh6VenLobdKi0Gb_X-HRRIpc_ljEifWNuwkGMD0vP7xYanN29_Q21k9L4Dm0x6Iev4IcdBWb13bKMGs4fONpxSqXV3FApflDXBomBBR6EFOrvF_RvkgAKZRlfWCwacNh5iA48kJJi2ftN1lYen4b2gRs6JuIxn8TQokX_1uEgNymanXv0oX_ZztgzrL0oL5zZCHu5Zkly-IgP9PrWJMxj5WDBFs&sig=Cg0ArKJSzG04gMmWLAm8EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 2832 655 B
359 B 351ms
351ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1652315441633055&correlator=1811866423631421&eid=31082619%2C95327889&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22917490941%3A22861843909%2Copamarketplace%2Cdisplaypartner%2Cneerajanuj%2C22861843909&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C320x50%7C300x250%7C320x100&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1712777073768&lmt=1712777073&adxs=650&adys=950&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=dr1gkhcny1ir&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&nhd=2&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ga_vid=1075578084.1712777074&ga_sid=1712777074&ga_hid=942674891&ga_fc=false&dlt=1712777073638&idt=117&adks=3846173608&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

84f5514063ca13ff102752bcb8fc04b0a735e5251d40ea2486aa48d8fedb8bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2832 16 KB
12 KB 80ms
80ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ad7dc92c1e359b82dcd87cd092d5c5834758b14c2ab2da37d7a0de283162de8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12382
x-xss-protection: 0

GET
H2 200 container.html
3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F979 0
0 72ms
53ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:33 GMT
expires: Thu, 10 Apr 2025 19:24:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 54DF 0
0 53ms
52ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsul9nqJUOcapQg-UFok8nliTYFeHnTg5vDCwU5XK1dfnKtP6fmekqgSqHBRFQpmAecihcl7KCYDRV007BQc3wHTICGkj_niCUbh6_bYidVtuyrurCZ0ID5cGUiy3NFb2o6-4EHeUA25Fr94tQM9_skLo1UfseXBb8SLkZxSs1I8P9TePdeuw3YGjw-9XK_FAb6ZiR3ldt2M1OM5bdR0t8oF_PAi6q2h5IY2U6S27ujeGKmkfwgVjWlaPti2x2VeJVw0zMrOLVqJ2qmB8AYnBOjodBx3r2YG9Ed0ScRGWNNGpIQBDL2XJ1zbDbs9xWTyYOzhOorLzCPPCOr0IPBvoMT3FgSdWopCTPtQbUJtLKoyegvE3K4ot5MEtTPp1aM9REaN5_v1eyMIZC3enthy0cHj8uZL1wBpHFf7&sig=Cg0ArKJSzKu47-As9KWmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 54DF 23 KB
9 KB 19ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 13:31:11 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 54DF 91 KB
29 KB 60ms
60ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

60e221295be2af3136b9cdba70e6b69bed89fbd54e4602a23f74efdda8523490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29413
x-xss-protection: 0
server: cafe
etag: 721 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 54DF 214 KB
65 KB 20ms
20ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F4AA 0
0 53ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstkTSKoP-mcPYGT7sxkBDeEUz-hFqV20Pv1N9asvPrIc8Tn_L9bKRsK_KEiWz-ffmrOY-s28zpSw1FLkxEKj9RF3nGW371pG4HeFqN_y5DC89a48yRq8v4USB9xHEuNITEjxrX63d6y5UWYCnPXSRCLXhC09_cjLAuBjVfjnbiDSfZ4D_6qom7Yp4QlpQgFRMNo-AQ0VhguD0YaPWZUWA97UF8fq3B0SzcBRASJkZDGo6C6Cp2iY83RRJPT8AJ7HN1MKrkwFefMUqqNFEtYzpw6NmQx289jv9kZKNJKAKaTJvkW6uVdoLFRGi3CppuQf8bfBAeKOIV9Kz9bNXXyMEDP9QMoIUU_qx0qCasfHdqmcx0exxK_Q6L3t0DI6MT-q6ouYFlRrRCs9hj9WFSHCE0VZYr2INrlWe6d&sig=Cg0ArKJSzMszhtuNgZdwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240408/r20110914/ Frame F4AA 23 KB
9 KB 23ms
23ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240408/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2024 14:07:48 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F4AA 91 KB
29 KB 60ms
60ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9ce48d6b7c8313e12de429117a9624e8f9118371448c624428766d644d02531d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29408
x-xss-protection: 0
server: cafe
etag: 691 / 19823 / m202404040101 / config-hash: 4184626635556839818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F4AA 214 KB
65 KB 19ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404080101/pubads_impl.js?cb=31082638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:07:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54DF 0
0 50ms
50ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 54DF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 159b8ba1bd7d9e2202e8c639e0d333b7dd31aeb17f47f9e4367183caec09dc7a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4AA 0
0 50ms
50ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F4AA 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f811a3b9f60ff1304c515d66553ecb4e6924fc687a56b4eb92fc60a5d9d5363f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2832 17 KB
6 KB 56ms
56ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:33 GMT

GET
H2 200 st
imprammp.taboola.com/ Frame 1A4C 0
0 155ms
73ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&cmcv=&pix=undefined&cb=1712777073878&uv=3392&tms=1712777073878&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!pl159704-872_vB!rbcatc_vA!smbs!tmaxc_vB!ufm_vD!ul159704-912_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=729ad43b-5e81-4c00-bc5a-0ecc5702ac8d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 10 Apr 2024 19:24:34 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mad2200091-MAD
x-timer: S1712777074.985500,VS0,VE31

GET
H2 200 sync
am-match.taboola.com/ Frame 88E0 0
0 56ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 10 Apr 2024 19:24:33 GMT
machineid: 440105
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
897 B 275ms
268ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1712777073882&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1635&pt=1583456211&tz=120&viewable=true&ddast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!pl159704-872_vB!rbcatc_vA!smbs!tmaxc_vB!ufm_vD!ul159704-912_vB&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 493b71b1c3501aaee7f694dabdd73cf76d34b7d222ca9ae89c161b3d83b51dc7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1485
x-cache: MISS
x-served-by: cache-mad22038-MAD
pragma: no-cache
server: nginx
x-timer: S1712777074.922992,VS0,VE216
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 39ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&cmcv=&pix=31589837&cb=1712777073878&uv=3392&tms=1712777073878&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!pl159704-872_vB!rbcatc_vA!smbs!tmaxc_vB!ufm_vD!ul159704-912_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1712777071360.1!ts:1712777073878&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
content-length: 0
server: nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ Frame 54DF 443 KB
138 KB 20ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 11:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29996
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 11:04:37 GMT

GET
H2 206 https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1679261701%2Fgdetfj8uapoef9uovk9f.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 64 KB
0 53ms
53ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1679261701%2Fgdetfj8uapoef9uovk9f.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.44 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=604800
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 10 Apr 2024 19:24:33 GMT
age: 1770084
x-cache: HIT, HIT
Content-Range: bytes 0-702591/702592
server-timing: cld-akam;mitm=f;dur=60;start=2023-11-20T02:30:24.328Z;desc=miss,rtt;dur=0,content-info;desc="width=800,height=450,abps=106185,fps=60.0,du=6.617,vc=\"h264\",bytes=702592",cloudinary;dur=160;start=2023-11-19T16:29:42.842Z
Content-Length: 702592
x-backend-name: fastlyshield--shield_cache_iad_kjyo7100147_IAD
x-served-by: cache-iad-kjyo7100147-IAD, cache-mad22038-MAD
last-modified: Wed, 11 Oct 2023 12:46:36 GMT
server: Cloudinary
x-timer: S1712777074.922963,VS0,VE1
etag: "2b3c528681461a17cb8b4bd755e8d23a"
vary: /video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1679261701%2Fgdetfj8uapoef9uovk9f.mp4
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 609037, 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ Frame F4AA 443 KB
138 KB 20ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 11:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29996
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Apr 2025 11:04:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 134B 0
0 52ms
52ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 134B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68989c37fc472b36a246a07ea573d5859751c4ffdfccdf2335d43764e45faeeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 134B 0
0 56ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvNDD79FOv1obdl0kyQpZuX_ZscnLNbNqRxxK0oHDwoDhSCETPfqn07Lzpz-u1X9Hc1jz0vybMH4yYNaAqGN9ArokX9TsjmrSCGuR7K4PYIlHX9rS5szH5Jbs1bnBzNE13MSVn1eh1fAvmRtgXnS5zRyiAVKzcy4E2tI8zurDJ8hDdWIHo6ZeDBEqxaafvyInKOhVxKhs-DgaxAintxVN3WBxVyyBMBJW8j5c5PslnSx6QdWjHFrRJauJ037gzIyOzRbHBOvdN6IubEF5LVLO5W65hE3KSZqojV6myPLHhp5YtfKuBrvQWzyLmUgTc111ZFmG4P45b5PVftTlxTWAsHZ59v8yZZOSa98plg6oW6cd3rHhoH7YSyDCp5IyrzMSt701I&sig=Cg0ArKJSzAtcBLkGAGn1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2296 0
0 52ms
51ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2296 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d7f6c22c1c45922feff702bf8e8fb189a3bba311086b80c4cb7ca7f360fc89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2296 0
0 54ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssUsv9NEh6NyiEhHfKmuS42kKuaAJXkw1_VO7eNdL6d_VaiIDcshpcKmkmTBJqC0FD3IErZqF0NrpP6nUohWTYV0diUEz4M50o35VQwIQKv9xjg6hIeGPsYzeGhzR1NlsjaP_Hw8POfKqXheMMD2nvTxuvbn13YXoRc7wHAruuK8YcCn6g_aJt7LIixEzsAEI1Aurr9vJQSXYAMt6Er9cOytWRuERO6iGd1i7W6z3sESXYCJc_VSvCji6e-SDpjx8GIfcaONsc1wTPJ1JBSCSgSZPmqTuaLD_eggyZOiWbccAmAFWYZVfELrgV0Tq_XpWRaQFITHZJ5o3Atg1IiWPUeNk64OHYmCy2u-YNERhGN0bG_RKDHALHR1rRhGm7KosOZTYY&sig=Cg0ArKJSzJKVNZioOPyuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1055 0
0 21ms
20ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F4AA 0
0 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv5Uwp8EZ4-6hkuVVHt3TTWlPKJmB7UnP5S_Gmuee5IZgZkDoB2axf5k53HvaKzGKJSv7C1gH5FkceitDCyynUsEZ7ZqQuV7K8JYZHaKw7ohCsyS9Q5-v7QmBoVdYF3DDldGHOvqtaev2vvZi7cRn9RIgO3RTHUT9szG_uPcmgOQs9lXo6hFJxkdknrIMoQ_yJV3QfJLQLEU-Uz8z3Xl3ktEwCbjP8WoyKw_Nb6N8DWjuOLQQ7uuGiVmdabcjGYDq3E5_MnA3Wsz4Jy71yzfGIPrNQWayIAsQTJVyKgv6YZRmAx5ArSR7RsOQGuG8GQOBLuCvGy-STE3J-Is6ZFoEFcXqZcAXGijtcss1X_hQ5OoBJd4LcYEnNC_NYH8F7nWOpOhQ2t1hJtRlXYecMzztYTS_7t2Chq1jlm7b4&sig=Cg0ArKJSzDwhzP5ecCQjEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame F4AA 655 B
360 B 236ms
235ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2119828592586916&correlator=1611010002800736&eid=31079956%2C95327888&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22917490941%3A22861843909%2Copamarketplace%2Cdisplaypartner%2Cneerajanuj%2C22861843909&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C320x50%7C300x250%7C320x100&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1712777073964&lmt=1712777073&adxs=660&adys=105&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=1bs6ndh0qgg8&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&nhd=2&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ga_vid=1381797003.1712777074&ga_sid=1712777074&ga_hid=1157714997&ga_fc=false&dlt=1712777073796&idt=152&adks=3846173608&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

be98179f98447bfeac41cf131fe1864dd9b6fa617ecf4174e4de687ce0ecbd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F4AA 16 KB
12 KB 69ms
69ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bc2148001231389027e92c57562845eba33107cadc6326c972ac39286a495eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12351
x-xss-protection: 0

GET
H2 200 container.html
7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F6C 0
0 66ms
52ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:34 GMT
expires: Thu, 10 Apr 2025 19:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 54DF 0
0 53ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstrfdG9_ZpII3RcUX-HM4Q6hmEghiKcbZe8tTQB3sFh9sYQvDE4MyZrzedMDjkudBZs18hg9ixRLJIErUX5lO63phhmf5G9ZAqd41y52qo2Xub9Mp83u6chGmbvvb6IRTS55ZqWsMLhkI40la3t_L_hY-hfL8VS12rd6Aw0LtixV1sUsjBSYOp1Ep0_Ry0sFx10PsH5AF1VJF9wGeFguK3MSPdlrmBHiAZhDlNF0wyIeay-6790bp9587iaj7a22dR3mls0Rn6VqfejuRgRIONCI-uAuLzKzi4MB1xkTiRrT_3WMvRZ-fr1oYqrGDigWXww-ZgZxGlF2da8KUxsKHV7xkQreYQDk5ksBtQ7XcbwaoQeO9-2F_i2VRHNkGIwU4paPfPTaBgVz6dil_dbQMRYP9FTYDrNYhXGBPY&sig=Cg0ArKJSzJLmN1rcxlVNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?tvi2=16048&tvi50=15661&route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 pubs-generic
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 14ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/pubs-generic?route=AM:AM:V&tvi2=16048&tvi50=15661&lti=deflated&d=%7B%22data%22%3A%22%7B%7D%22%2C%22type%22%3A%22recReel-available%22%2C%22eventTime%22%3A1712777074030%7D&tim=21%3A24%3A34.030&id=3587&llvl=2&ri=f2303a4e1ae099c69e6be45fe1e8d249&sd=v2_af8a6ec550018537059c92a8c705b06e_de1af9de-da89-4443-9265-156740178840-tuctd106cf1_1712777073_1712777073_CIi3jgYQ8-NDGMui4MvsMSABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=de1af9de-da89-4443-9265-156740178840-tuctd106cf1&pi=/&wi=-1709852854480885386&pt=home&vi=1712777072971&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 babe855e024a0741ceb13ba55118a9ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 51 KB
52 KB 53ms
53ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/babe855e024a0741ceb13ba55118a9ca.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6841687f1c3d6e48424e5848236972f0fd4940a4641f1ec95501a9d642c78654

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/babe855e024a0741ceb13ba55118a9ca.jpg
age: 4019666
edge-cache-tag: 526499991310399254233746344389252059931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526499991310399254233746344389252059931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 269
req-referer: https://wjla.com/
content-length: 52500
x-request-id: 2c2dc8634c403546a5a4d1d9407446c3
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kiad7000154-IAD, cache-lax-kwhp1940095-LAX, cache-iad-kjyo7100021-IAD, cache-mad22038-MAD
last-modified: Tue, 12 Sep 2023 18:48:30 GMT
server: nginx
surrogate-reporting: width=1280,height=640,bytes=112885,owidth=1280,oheight=720,obytes=118873
x-timer: S1712777074.066984,VS0,VE1
etag: "451a7b4152f959da2ee1eaef515438db"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 114, 0

GET
H2 200 8e9bf76326ad0694d1b1cbd9a9c5924d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 145ms
145ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e9bf76326ad0694d1b1cbd9a9c5924d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b6b3eeaf142650d695b72bdb83f9edd271e671d4d6574f8016fb01c99da858

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 93
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e9bf76326ad0694d1b1cbd9a9c5924d.jpeg
age: 374230
edge-cache-tag: 299712801445471152425787335019770793867,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 299712801445471152425787335019770793867,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 405
req-referer: https://www.cosmopolitan.com/
content-length: 11682
x-request-id: a51f51be4d9a98aa5a6f331ac75562ca
x-served-by: cache-iad-kjyo7100172-IAD, cache-iad-kcgs7200146-IAD, cache-lga21975-LGA, cache-iad-kiad7000036-IAD, cache-mad22038-MAD
last-modified: Thu, 07 Mar 2024 13:05:10 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15029,owidth=1000,oheight=667,obytes=73192,ef=(1,13,17,23,30)
x-timer: S1712777074.067261,VS0,VE93
etag: "d7a58b7ea3eed3b35c41e48e82d51fde"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 7, 0

GET
H2 200 048c07abb56fcddd01cec3f57ac4161d
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 165ms
165ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048c07abb56fcddd01cec3f57ac4161d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d182d979a9dc266976bd041bbd75775b78e912f0d9189b9bc88b9386c906cd2d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 113
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048c07abb56fcddd01cec3f57ac4161d
age: 241261
edge-cache-tag: 337313309456582407719594984209389919609,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 337313309456582407719594984209389919609,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 136
expiration: expiry-date="Fri, 26 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://7news.com.au/
content-length: 8428
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100021-IAD, cache-iad-kjyo7100177-IAD, cache-mad22038-MAD
last-modified: Tue, 26 Mar 2024 23:26:30 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=10753,owidth=1024,oheight=682,obytes=47626,ef=(1,13,17,23,30)
x-timer: S1712777074.067640,VS0,VE113
etag: "82dfa9d4d3b41e31b0afe08d971fea6b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 7, 0

GET
H2 200 517995089__ENB8ONDo.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_2121%2Cx_0%2Cy_171/c_fill%2Cw_740%2Ch_370/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 180 KB
181 KB 53ms
53ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_2121%2Cx_0%2Cy_171/c_fill%2Cw_740%2Ch_370/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/517995089__ENB8ONDo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dd93c7c7516f3e54ae97082a7bb89e8536b0bdb04656258c254bcc0871181c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_2121%2Cx_0%2Cy_171/c_fill%2Cw_740%2Ch_370/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/517995089__ENB8ONDo.jpg
age: 201885
edge-cache-tag: 336686882252237359149762386901809763152,564263902937440048080614688072349720912,29ecf9b93bbf306179626feeda1fab70
cache-tag: 336686882252237359149762386901809763152,564263902937440048080614688072349720912,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 970
req-referer: https://fussball.news/
content-length: 184637
x-request-id: 738ca0234a281893b56185b7191efef2
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200093-IAD, cache-lax-kwhp1940147-LAX, cache-iad-kcgs7200109-IAD, cache-mad22038-MAD
last-modified: Mon, 08 Apr 2024 09:09:14 GMT
server: nginx
surrogate-reporting: width=740,height=370,bytes=184637,owidth=2121,oheight=1414,obytes=3954534,ef=(1,13,17,23,30)
x-timer: S1712777074.067659,VS0,VE1
etag: "403753da75585851c0c175eb1ec01445"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 12, 0

GET
H2 200 bb36def5f607c7fdb4f67725597aee63.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 61ms
61ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb36def5f607c7fdb4f67725597aee63.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c94f109189bfe00d5571801adda2ab4194a1084a5577ff609699fcb14191903

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb36def5f607c7fdb4f67725597aee63.jpg
age: 3303792
edge-cache-tag: 323735913963596229244119591214653637302,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 323735913963596229244119591214653637302,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 228
expiration: expiry-date="Mon, 11 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espncricinfo.com/
content-length: 10124
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kiad7000021-IAD, cache-lga21929-LGA, cache-iad-kjyo7100033-IAD, cache-mad22038-MAD
last-modified: Fri, 09 Feb 2024 16:59:12 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18765,owidth=1999,oheight=1655,obytes=180494,ef=(1,13,17,23,30)
x-timer: S1712777074.068275,VS0,VE1
etag: "46dbb67bf195180a480bb57e4442270b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1456, 0

GET
H2 200 53cf1987067b7fccfa00418fbe10288f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 148ms
148ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53cf1987067b7fccfa00418fbe10288f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d0c7ae658ba4a4b4b6bee25bd2aceb568f360d908191ffb8b21a78e842c1d71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 96
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53cf1987067b7fccfa00418fbe10288f.jpg
age: 40414
edge-cache-tag: 522497108335767490384627368265562136150,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 522497108335767490384627368265562136150,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 177
req-referer: https://weather.com/
content-length: 24412
x-request-id: bf13b19c55f356a5273c113ba0663eb6
x-served-by: cache-iad-kiad7000058-IAD, cache-iad-kjyo7100079-IAD, cache-iad-kcgs7200087-IAD, cache-mad22038-MAD
last-modified: Sun, 31 Mar 2024 14:34:58 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=24412,owidth=1920,oheight=1280,obytes=1204002,ef=(1,13,17,23,30)
x-timer: S1712777074.068128,VS0,VE96
etag: "8ead080c67b40cb2b1ce439554be5f64"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2, 0

GET
H2 200 da44c7f0534d5e7fa9613b054085745d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 77 KB
78 KB 151ms
151ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f43f17e6185efd8787ac8ebf93e4c405d1305fd35659103fdbd47f748b45b27

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 98
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
age: 3124713
edge-cache-tag: 294763532160413351551879794594549042271,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294763532160413351551879794594549042271,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 159
expiration: expiry-date="Mon, 11 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lgkm.net/
content-length: 79282
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100022-IAD, cache-lax-kwhp1940034-LAX, cache-iad-kiad7000085-IAD, cache-mad22038-MAD
last-modified: Fri, 09 Feb 2024 08:34:48 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=79282,owidth=1200,oheight=630,obytes=1084945,ef=(1,13,17,23,30)
x-timer: S1712777074.123159,VS0,VE98
etag: "74d4c8119da3530103c70b89907b862d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 16, 0, 2, 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 54DF 655 B
355 B 401ms
401ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=91005710487247&correlator=3738928564163270&eid=31081654%2C44782503%2C21065724&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22917490941%3A22861843909%2Copamarketplace%2Cdisplaypartner%2Cneerajanuj%2C22861843909&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C320x50%7C300x250%7C320x100&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1712777074039&lmt=1712777074&adxs=255&adys=720&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=qfl942y53jj3&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&nhd=2&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ga_vid=1233954951.1712777074&ga_sid=1712777074&ga_hid=903236463&ga_fc=false&dlt=1712777073783&idt=189&adks=3846173608&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7bdb98ec3dac88330b87d4c1be1e7a13941217fb8ddeaab3508fe9a36f0a68b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 54DF 16 KB
12 KB 70ms
69ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

10b8aa68b9007634209abc64785a8d860a5e94c4c42d08112e450a4dd8632672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0

GET
H2 200 container.html
014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E70 0
0 67ms
53ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:34 GMT
expires: Thu, 10 Apr 2025 19:24:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 584233698__qz09ZLil.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 27 KB
28 KB 56ms
56ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/584233698__qz09ZLil.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2002205b295d92009f25ce998dd54523f9678a055e0153f09ff521e8c10eb8f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/584233698__qz09ZLil.jpg
age: 685853
edge-cache-tag: 320848492492590841945825396894820549452,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 320848492492590841945825396894820549452,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 15
expiration: expiry-date="Sun, 07 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.pressandguide.com/
content-length: 27958
x-served-by: cache-iad-kjyo7100096-IAD, cache-iad-kjyo7100170-IAD, cache-lax-kwhp1940052-LAX, cache-iad-kcgs7200178-IAD, cache-mad22038-MAD
last-modified: Thu, 07 Mar 2024 21:24:54 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=27958,owidth=2119,oheight=1414,obytes=1699103,ef=(1,13,17,23,30)
x-timer: S1712777074.131964,VS0,VE1
etag: "d89338deef0746ba5f39bade47d3066b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 9, 0

GET
H2 200 1df589291797e2195e53ab42c415192e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 58ms
58ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1df589291797e2195e53ab42c415192e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f76b82531d0e3192e2cb563d29238a96f4447383d5eafbd17b682ac4fdad9d82

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1df589291797e2195e53ab42c415192e.jpg
age: 1925895
edge-cache-tag: 415452788540976986456590839713280854670,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 415452788540976986456590839713280854670,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 348
req-referer: https://games.espn.com/
content-length: 18436
x-request-id: a7fed3511ab67374f50f43dce8a0f4d5
x-served-by: cache-iad-kiad7000157-IAD, cache-iad-kiad7000070-IAD, cache-iad-kiad7000163-IAD, cache-mad22038-MAD
last-modified: Tue, 19 Mar 2024 09:51:15 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18436,owidth=1999,oheight=1426,obytes=305924,ef=(1,13,17,23,30)
x-timer: S1712777074.131939,VS0,VE2
etag: "49dc0a2262fcb12114825fdf0ed72921"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 565, 0

GET
H2 200 98d4a035fe862df785d93baebf17dd3f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 122 KB
122 KB 53ms
53ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98cf8f15556eee834006eb76d9c738f323e974f60826f561e61596295924c27c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
age: 2516671
edge-cache-tag: 544211193292261258242371404021740651035,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544211193292261258242371404021740651035,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 28
expiration: expiry-date="Mon, 04 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.loudersound.com/
content-length: 124544
x-served-by: cache-iad-kjyo7100060-IAD, cache-iad-kjyo7100135-IAD, cache-ewr18179-EWR, cache-iad-kiad7000114-IAD, cache-mad22038-MAD
last-modified: Fri, 02 Feb 2024 01:52:49 GMT
server: nginx
surrogate-reporting: width=1280,height=640,bytes=124544,owidth=1280,oheight=768,obytes=492551,ef=(1,13,17,23,30)
x-timer: S1712777074.188726,VS0,VE1
etag: "ae776a0b75ee1db934486d9d365cffe4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 49, 1, 31, 0

GET
H2 200 11e9981679eb5f59fe0b8dc1b466b90c
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 47 KB
48 KB 148ms
148ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11e9981679eb5f59fe0b8dc1b466b90c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38869c65f8eab7a23317d68466b4c7551c955f5afa0c683932bb14de8339cb70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 97
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11e9981679eb5f59fe0b8dc1b466b90c
age: 105373
edge-cache-tag: 626062378561734244044133716341492309256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 626062378561734244044133716341492309256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 71
req-referer: https://www.styleathome.com/
content-length: 48405
x-request-id: f6012635c3e55cbdd2a14fb6a472d247
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000024-IAD, cache-iad-kiad7000061-IAD, cache-mad22038-MAD
last-modified: Wed, 03 Apr 2024 00:44:31 GMT
server: nginx
surrogate-reporting: width=1024,height=568,bytes=48405,owidth=1024,oheight=576,obytes=43272,ef=(1,13,17,23,30)
x-timer: S1712777074.188702,VS0,VE97
etag: "9e33ef8612f039cd5b5adf0008d68973"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 55, 0

GET
H2 200 e3db4e6a2b0856eed8aa958deba38e40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 53ms
52ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 667638a38b57298a015cb48616f479cf3e122f18e96bc9cd81d1467b3152769c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
age: 4091618
edge-cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 147
expiration: expiry-date="Thu, 07 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.franceguyane.fr/
content-length: 16432
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200071-IAD, cache-ewr18179-EWR, cache-iad-kiad7000176-IAD, cache-mad22038-MAD
last-modified: Mon, 05 Feb 2024 11:41:59 GMT
server: nginx
surrogate-reporting: width=1344,height=746,bytes=64332,owidth=1344,oheight=768,obytes=70735,ef=(1,13,17,23,30)
x-timer: S1712777074.213770,VS0,VE0
etag: "b209a07dce03cc550512484c23d5529d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 93, 3490

GET
H2 200 227313b2-378e-4d6c-9090-a61b7cb82ec8__NpLaVFye.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/ 74 KB
75 KB 53ms
53ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/227313b2-378e-4d6c-9090-a61b7cb82ec8__NpLaVFye.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd9ab680aebbd06ad016602f3b19b49fa8f2bf2af02de06d787b4faff9bbcea6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/227313b2-378e-4d6c-9090-a61b7cb82ec8__NpLaVFye.jpg
age: 422999
edge-cache-tag: 581515414533297436500652712276602549731,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581515414533297436500652712276602549731,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 240
expiration: expiry-date="Sun, 03 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dziendobry.tvn.pl/
content-length: 76138
x-served-by: cache-iad-kcgs7200040-IAD, cache-iad-kjyo7100177-IAD, cache-iad-kjyo7100153-IAD, cache-mad22038-MAD
last-modified: Thu, 01 Feb 2024 14:44:41 GMT
server: nginx
surrogate-reporting: width=1066,height=592,bytes=142786,owidth=1066,oheight=600,obytes=379351,ef=(1,13,17,23,30)
x-timer: S1712777074.217455,VS0,VE1
etag: "0bd2b0867cc6f5e67f0e033a36294a59"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 10, 0

GET
H2 200 50fc25734abab64a39b7b6d844960820.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 123 KB
124 KB 54ms
54ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50fc25734abab64a39b7b6d844960820.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dda2ee0543cd884ab7f845e212f7d54327b14a9d9712c81d73f8ec09d1408b1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50fc25734abab64a39b7b6d844960820.jpg
age: 283568
edge-cache-tag: 535971010027884936489320853176674671712,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535971010027884936489320853176674671712,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 25
req-referer: https://www.tipsandtricksjapan.com/
content-length: 125848
x-request-id: 9f2f114c6aa022c7c0b81d3890335a94
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kiad7000169-IAD, cache-iad-kcgs7200033-IAD, cache-mad22038-MAD
last-modified: Fri, 15 Mar 2024 09:44:16 GMT
server: nginx
surrogate-reporting: width=1497,height=831,bytes=125848,owidth=1497,oheight=842,obytes=584059,ef=(1,13,17,23,30)
x-timer: S1712777074.234313,VS0,VE2
etag: "f4c2c28aa61d86bd271dd93266f7e2ed"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F4AA 17 KB
6 KB 141ms
141ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:34 GMT

GET
H2 200 main_00009.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 36ms
36ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00009.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 589c4f2ac5f4b837b92b7bb5dddd7e6b0e15662eb4cc8963c1152ca651dc830a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:34 GMT
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1712662371
content-length: 2584
x-77-nzt: EggB1GY4tAFBDAGckiEfAfcPwAEA
x-accel-expires: @1713699171
x-77-age: 114703
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a18"
x-77-nzt-ray: 6d204d116fc3119772e716662eb15204
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
467 B 164ms
68ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: bbf94573ab4042a3d9dc7cd1e572a7007902b45bbbca21f724c11ac2880dc522

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/3.0.0
Content-Type: application/json
access-control-allow-origin: https://ultrasurfing.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
Expires: 0

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
368 B 112ms
35ms XHR
application/json 34.241.182.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.182.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-182-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: db29df1f693889c5ab0d4225662da6132faf8d751b1869d30a61dd90aca58929

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 98

POST
H2 204 64c7d6d6f0dba81d51b6b33f Show response
prebid.cootlogix.com/prebid/multi/ 0
320 B 309ms
103ms XHR
text/plain 138.197.53.255
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/64c7d6d6f0dba81d51b6b33f
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.53.255 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:34 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 209ms
150ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

ca60827de2feb898974e4c13fe6fd8ed28d4cce36e0088c52d22da575a656232

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
an-x-request-uuid: 633cc24c-7698-4b2e-9f7c-89365f4852c0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.199.131; 95.211.199.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
366 B 228ms
52ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=62066&adtype=video&auc=ultrasurfing-instream-unit&w=640&h=360&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62297&requestId=10362724e5e3bcd&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&eids=&bidfloor=0.25&d=ultrasurfing.com&sp=https%253A%252F%252Fultrasurfing.com%252F&usp=&coppa=false&videoContext=instream&bcat=&badv=&bapp=&btype=&battr=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Apr 2024 19:24:34 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 63ms
63ms XHR
text/javascript 13.33.173.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=j7uINEd0wGSIl&cb=3&ws=1600x1200&v=24.305.1002&t=3000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A25%2C%22id%22%3A%22Adpushup_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-173-196.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:33 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: myEtytgr6LbFhaKKWUT94D3SSZXUVA66-N_z-_maIyysjQsrAPArHA==

GET
H2 200 main_00009.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 83 KB
84 KB 29ms
29ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00009.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7eda8b55f6419897c23eecfa66f341cdc9f9a4b76de6ea1db69c09922079ac9f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:34 GMT
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1712576217
content-length: 85164
x-77-nzt: EggB1GY4tAFBDAGckiEnAfeZEAMA
x-accel-expires: @1713613017
x-77-age: 200857
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-14cac"
x-77-nzt-ray: 6d204d116fc3119772e7166695b54106
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/babe855e024a0741ceb13ba55118a9ca.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6841687f1c3d6e48424e5848236972f0fd4940a4641f1ec95501a9d642c78654

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/babe855e024a0741ceb13ba55118a9ca.jpg
age: 4019666
edge-cache-tag: 526499991310399254233746344389252059931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526499991310399254233746344389252059931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 269
req-referer: https://wjla.com/
content-length: 52500
x-request-id: 2c2dc8634c403546a5a4d1d9407446c3
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kiad7000154-IAD, cache-lax-kwhp1940095-LAX, cache-iad-kjyo7100021-IAD, cache-mad22038-MAD
last-modified: Tue, 12 Sep 2023 18:48:30 GMT
server: nginx
surrogate-reporting: width=1280,height=640,bytes=112885,owidth=1280,oheight=720,obytes=118873
x-timer: S1712777074.246578,VS0,VE2
etag: "451a7b4152f959da2ee1eaef515438db"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 114, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_2121%2Cx_0%2Cy_171/c_fill%2Cw_740%2Ch_370/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/517995089__ENB8ONDo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dd93c7c7516f3e54ae97082a7bb89e8536b0bdb04656258c254bcc0871181c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_2121%2Cx_0%2Cy_171/c_fill%2Cw_740%2Ch_370/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/517995089__ENB8ONDo.jpg
age: 201885
edge-cache-tag: 336686882252237359149762386901809763152,564263902937440048080614688072349720912,29ecf9b93bbf306179626feeda1fab70
cache-tag: 336686882252237359149762386901809763152,564263902937440048080614688072349720912,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 970
req-referer: https://fussball.news/
content-length: 184637
x-request-id: 738ca0234a281893b56185b7191efef2
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200093-IAD, cache-lax-kwhp1940147-LAX, cache-iad-kcgs7200109-IAD, cache-mad22038-MAD
last-modified: Mon, 08 Apr 2024 09:09:14 GMT
server: nginx
surrogate-reporting: width=740,height=370,bytes=184637,owidth=2121,oheight=1414,obytes=3954534,ef=(1,13,17,23,30)
x-timer: S1712777074.267479,VS0,VE1
etag: "403753da75585851c0c175eb1ec01445"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 12, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb36def5f607c7fdb4f67725597aee63.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c94f109189bfe00d5571801adda2ab4194a1084a5577ff609699fcb14191903

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb36def5f607c7fdb4f67725597aee63.jpg
age: 3303793
edge-cache-tag: 323735913963596229244119591214653637302,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 323735913963596229244119591214653637302,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 228
expiration: expiry-date="Mon, 11 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espncricinfo.com/
content-length: 10124
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kiad7000021-IAD, cache-lga21929-LGA, cache-iad-kjyo7100033-IAD, cache-mad22038-MAD
last-modified: Fri, 09 Feb 2024 16:59:12 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18765,owidth=1999,oheight=1655,obytes=180494,ef=(1,13,17,23,30)
x-timer: S1712777074.275307,VS0,VE1
etag: "46dbb67bf195180a480bb57e4442270b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1456, 1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 54DF 17 KB
6 KB 125ms
125ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:24:34 GMT

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_9_2/assets/css/ 70 KB
10 KB 53ms
53ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_9_2/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 86e9d9ba5e4437ffe327fa4322ee1a197909ac1059a0fe423605085d4bf9757b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-mtime: 1712294427
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: F9FW34XPC52B3GTK
age: 482466
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1712294428
x-amz-meta-mode: 33188
content-length: 9589
x-amz-id-2: if9noFFrAEDJnrbaJRsIlAxnLdEdwZ3nrfcBI36iaYHhsMNBZ2I7kiAqjhL0WyE70ih7P8LDz5g=
x-served-by: cache-mad22038-MAD
last-modified: Fri, 05 Apr 2024 05:20:29 GMT
server: AmazonS3-br
x-timer: S1712777074.193561,VS0,VE0
etag: "271ba23308b6755f26911c7bd52c1c2d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 253942

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_9_2/infra/ 491 KB
102 KB 50ms
50ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_9_2/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f1d5aa44461f13674c3f9e64b07ce300222d9ecc5a4122d213fd7cf02147dd0e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-mtime: 1712294412
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: F9FQNRF5QD8NGAD1
age: 482466
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1712294413
x-amz-meta-mode: 33188
content-length: 103978
x-amz-id-2: /PrQYfLhGtYsvTBQPT6aQu4kCbukQ5ZRKD8AALfIwKUb2KidHOZkUVCxg8vuyPy73IjrNby7Vrg=
x-served-by: cache-mad2200120-MAD
last-modified: Fri, 05 Apr 2024 05:20:14 GMT
server: AmazonS3-br
x-timer: S1712777074.191249,VS0,VE0
etag: "bb6357923881048642e6f5d680abd4b3"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 244907

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/584233698__qz09ZLil.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2002205b295d92009f25ce998dd54523f9678a055e0153f09ff521e8c10eb8f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/584233698__qz09ZLil.jpg
age: 685853
edge-cache-tag: 320848492492590841945825396894820549452,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 320848492492590841945825396894820549452,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 15
expiration: expiry-date="Sun, 07 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.pressandguide.com/
content-length: 27958
x-served-by: cache-iad-kjyo7100096-IAD, cache-iad-kjyo7100170-IAD, cache-lax-kwhp1940052-LAX, cache-iad-kcgs7200178-IAD, cache-mad22038-MAD
last-modified: Thu, 07 Mar 2024 21:24:54 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=27958,owidth=2119,oheight=1414,obytes=1699103,ef=(1,13,17,23,30)
x-timer: S1712777074.276468,VS0,VE1
etag: "d89338deef0746ba5f39bade47d3066b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 9, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1df589291797e2195e53ab42c415192e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f76b82531d0e3192e2cb563d29238a96f4447383d5eafbd17b682ac4fdad9d82

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1df589291797e2195e53ab42c415192e.jpg
age: 1925895
edge-cache-tag: 415452788540976986456590839713280854670,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 415452788540976986456590839713280854670,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 348
req-referer: https://games.espn.com/
content-length: 18436
x-request-id: a7fed3511ab67374f50f43dce8a0f4d5
x-served-by: cache-iad-kiad7000157-IAD, cache-iad-kiad7000070-IAD, cache-iad-kiad7000163-IAD, cache-mad22038-MAD
last-modified: Tue, 19 Mar 2024 09:51:15 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18436,owidth=1999,oheight=1426,obytes=305924,ef=(1,13,17,23,30)
x-timer: S1712777074.292898,VS0,VE1
etag: "49dc0a2262fcb12114825fdf0ed72921"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 565, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e9bf76326ad0694d1b1cbd9a9c5924d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b6b3eeaf142650d695b72bdb83f9edd271e671d4d6574f8016fb01c99da858

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e9bf76326ad0694d1b1cbd9a9c5924d.jpeg
age: 374230
edge-cache-tag: 299712801445471152425787335019770793867,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 299712801445471152425787335019770793867,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 405
req-referer: https://www.cosmopolitan.com/
content-length: 11682
x-request-id: a51f51be4d9a98aa5a6f331ac75562ca
x-served-by: cache-iad-kjyo7100172-IAD, cache-iad-kcgs7200146-IAD, cache-lga21975-LGA, cache-iad-kiad7000036-IAD, cache-mad22038-MAD
last-modified: Thu, 07 Mar 2024 13:05:10 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15029,owidth=1000,oheight=667,obytes=73192,ef=(1,13,17,23,30)
x-timer: S1712777074.303920,VS0,VE1
etag: "d7a58b7ea3eed3b35c41e48e82d51fde"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 7, 1

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D6E 0
0 21ms
19ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53cf1987067b7fccfa00418fbe10288f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d0c7ae658ba4a4b4b6bee25bd2aceb568f360d908191ffb8b21a78e842c1d71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 4
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53cf1987067b7fccfa00418fbe10288f.jpg
age: 40414
edge-cache-tag: 522497108335767490384627368265562136150,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 522497108335767490384627368265562136150,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 177
req-referer: https://weather.com/
content-length: 24412
x-request-id: bf13b19c55f356a5273c113ba0663eb6
x-served-by: cache-iad-kiad7000058-IAD, cache-iad-kjyo7100079-IAD, cache-iad-kcgs7200087-IAD, cache-mad22038-MAD
last-modified: Sun, 31 Mar 2024 14:34:58 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=24412,owidth=1920,oheight=1280,obytes=1204002,ef=(1,13,17,23,30)
x-timer: S1712777074.327363,VS0,VE4
etag: "8ead080c67b40cb2b1ce439554be5f64"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048c07abb56fcddd01cec3f57ac4161d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d182d979a9dc266976bd041bbd75775b78e912f0d9189b9bc88b9386c906cd2d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048c07abb56fcddd01cec3f57ac4161d
age: 241261
edge-cache-tag: 337313309456582407719594984209389919609,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 337313309456582407719594984209389919609,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 136
expiration: expiry-date="Fri, 26 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://7news.com.au/
content-length: 8428
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100021-IAD, cache-iad-kjyo7100177-IAD, cache-mad22038-MAD
last-modified: Tue, 26 Mar 2024 23:26:30 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=10753,owidth=1024,oheight=682,obytes=47626,ef=(1,13,17,23,30)
x-timer: S1712777074.329757,VS0,VE1
etag: "82dfa9d4d3b41e31b0afe08d971fea6b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 7, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98cf8f15556eee834006eb76d9c738f323e974f60826f561e61596295924c27c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
age: 2516671
edge-cache-tag: 544211193292261258242371404021740651035,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544211193292261258242371404021740651035,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 28
expiration: expiry-date="Mon, 04 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.loudersound.com/
content-length: 124544
x-served-by: cache-iad-kjyo7100060-IAD, cache-iad-kjyo7100135-IAD, cache-ewr18179-EWR, cache-iad-kiad7000114-IAD, cache-mad22038-MAD
last-modified: Fri, 02 Feb 2024 01:52:49 GMT
server: nginx
surrogate-reporting: width=1280,height=640,bytes=124544,owidth=1280,oheight=768,obytes=492551,ef=(1,13,17,23,30)
x-timer: S1712777074.330755,VS0,VE2
etag: "ae776a0b75ee1db934486d9d365cffe4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 49, 1, 31, 1

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F4E 0
0 19ms
19ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 21813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 13:21:01 GMT
expires: Thu, 10 Apr 2025 13:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f43f17e6185efd8787ac8ebf93e4c405d1305fd35659103fdbd47f748b45b27

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
age: 3124713
edge-cache-tag: 294763532160413351551879794594549042271,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294763532160413351551879794594549042271,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 159
expiration: expiry-date="Mon, 11 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lgkm.net/
content-length: 79282
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100022-IAD, cache-lax-kwhp1940034-LAX, cache-iad-kiad7000085-IAD, cache-mad22038-MAD
last-modified: Fri, 09 Feb 2024 08:34:48 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=79282,owidth=1200,oheight=630,obytes=1084945,ef=(1,13,17,23,30)
x-timer: S1712777074.339626,VS0,VE2
etag: "74d4c8119da3530103c70b89907b862d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 16, 0, 2, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 667638a38b57298a015cb48616f479cf3e122f18e96bc9cd81d1467b3152769c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
age: 4091618
edge-cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 147
expiration: expiry-date="Thu, 07 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.franceguyane.fr/
content-length: 16432
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200071-IAD, cache-ewr18179-EWR, cache-iad-kiad7000176-IAD, cache-mad22038-MAD
last-modified: Mon, 05 Feb 2024 11:41:59 GMT
server: nginx
surrogate-reporting: width=1344,height=746,bytes=64332,owidth=1344,oheight=768,obytes=70735,ef=(1,13,17,23,30)
x-timer: S1712777074.347409,VS0,VE0
etag: "b209a07dce03cc550512484c23d5529d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 93, 3491

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/227313b2-378e-4d6c-9090-a61b7cb82ec8__NpLaVFye.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd9ab680aebbd06ad016602f3b19b49fa8f2bf2af02de06d787b4faff9bbcea6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/227313b2-378e-4d6c-9090-a61b7cb82ec8__NpLaVFye.jpg
age: 422999
edge-cache-tag: 581515414533297436500652712276602549731,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581515414533297436500652712276602549731,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 240
expiration: expiry-date="Sun, 03 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dziendobry.tvn.pl/
content-length: 76138
x-served-by: cache-iad-kcgs7200040-IAD, cache-iad-kjyo7100177-IAD, cache-iad-kjyo7100153-IAD, cache-mad22038-MAD
last-modified: Thu, 01 Feb 2024 14:44:41 GMT
server: nginx
surrogate-reporting: width=1066,height=592,bytes=142786,owidth=1066,oheight=600,obytes=379351,ef=(1,13,17,23,30)
x-timer: S1712777074.358490,VS0,VE2
etag: "0bd2b0867cc6f5e67f0e033a36294a59"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 10, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50fc25734abab64a39b7b6d844960820.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dda2ee0543cd884ab7f845e212f7d54327b14a9d9712c81d73f8ec09d1408b1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50fc25734abab64a39b7b6d844960820.jpg
age: 283568
edge-cache-tag: 535971010027884936489320853176674671712,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535971010027884936489320853176674671712,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 25
req-referer: https://www.tipsandtricksjapan.com/
content-length: 125848
x-request-id: 9f2f114c6aa022c7c0b81d3890335a94
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kiad7000169-IAD, cache-iad-kcgs7200033-IAD, cache-mad22038-MAD
last-modified: Fri, 15 Mar 2024 09:44:16 GMT
server: nginx
surrogate-reporting: width=1497,height=831,bytes=125848,owidth=1497,oheight=842,obytes=584059,ef=(1,13,17,23,30)
x-timer: S1712777074.386336,VS0,VE2
etag: "f4c2c28aa61d86bd271dd93266f7e2ed"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 1

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_9_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 11dbcac5e035be02cf80e51d1841e116.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MAD56-P1
age: 2546573
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-mad22038-MAD
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1712777074.336476,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: _vhdwjdlsTpLLDi-9VYDmJlWEOhZ9rt3rcDYftSU3hxU9TVBS0cQ8g==
x-cache-hits: 27887

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v16.3.5/ 468 KB
87 KB 49ms
49ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.3.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_9_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4cf2ce526c6dac97222eaac30ec22d9306465285b13468ca584dc1fffa155178

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-mtime: 1712654355
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KHMN2RKCP1V22K9R
age: 122628
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1712654390
x-amz-meta-mode: 33188
content-length: 88669
x-amz-id-2: dhFEJMX/+KA/03OlWn7LiLsECv46FbRgpKrIx9irwCijT1RCzLYps2vXYY6djiBdJWNYXCCp2uQ=
x-served-by: cache-mad2200120-MAD
last-modified: Tue, 09 Apr 2024 09:19:51 GMT
server: AmazonS3-br
x-timer: S1712777074.344781,VS0,VE0
etag: "8f840a4a9fb20bc5897c13848bd80b03"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 79736

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 230ms
230ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&cmcv=&pix=31579697&cb=1712777074315&uv=3392&tms=1712777074315&su=3&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!pl159704-872_vB!rbcatc_vA!smbs!tmaxc_vB!ufm_vG!ul159704-912_vB&ft=0&unm=FEED_MANAGER&su=3&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:34 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 52ms
52ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 14ebdcf21d0310896336dbc3c885587c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MAD56-P1
age: 1178529
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-mad22038-MAD
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1712777074.369927,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: VdAEb5rl4WAtxrYBHyQkEGSTXJQr-PeKkbzAidb201TAlDPP9mBP1g==
x-cache-hits: 105680

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FD1 42 B
64 B 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxhbNt-DlF08wW9DyXjP98RoPnT_a1-FeYH3zsadVYaPXKg0dABvFXUDMV_dkfnn9mC1zMIuYaKpBKWqknFc07lvOhf9ZXNt9mPFKb22uzweObXar3DRbbqHD2dIW-Fhff5fsV8UG0Yq8ffMxX1LmbzMwsE5NMwwnO2bnYdA&sig=Cg0ArKJSzCTLjA1O146EEAE&id=lidar2&mcvt=1023&p=1110,436,1200,1164&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20240408&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2214359445&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=870987300&rst=1712777072887&rpt=419&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11e9981679eb5f59fe0b8dc1b466b90c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38869c65f8eab7a23317d68466b4c7551c955f5afa0c683932bb14de8339cb70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11e9981679eb5f59fe0b8dc1b466b90c
age: 105373
edge-cache-tag: 626062378561734244044133716341492309256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 626062378561734244044133716341492309256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 71
req-referer: https://www.styleathome.com/
content-length: 48405
x-request-id: f6012635c3e55cbdd2a14fb6a472d247
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000024-IAD, cache-iad-kiad7000061-IAD, cache-mad22038-MAD
last-modified: Wed, 03 Apr 2024 00:44:31 GMT
server: nginx
surrogate-reporting: width=1024,height=568,bytes=48405,owidth=1024,oheight=576,obytes=43272,ef=(1,13,17,23,30)
x-timer: S1712777074.386337,VS0,VE2
etag: "9e33ef8612f039cd5b5adf0008d68973"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 55, 1

POST
H/1.1 204
No Content multitracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame 6FD1 0
224 B 19ms
19ms XHR
text/plain 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ultrasurfing.com
Date: Wed, 10 Apr 2024 19:24:34 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 cmAdService.js Show response
vidstat.taboola.com/vpaid/units/33_9_2/infra/ 47 KB
12 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_9_2/infra/cmAdService.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_9_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07c4bf8e54e3c537e2c955807c29e5b2f4b623d615471332bd313c6249646c26

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-mtime: 1712294418
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 faad6addbc9944fdec5df394277cd03e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MAD56-P1
age: 482466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1712294419
x-amz-meta-mode: 33188
content-length: 11732
x-served-by: cache-mad22038-MAD
last-modified: Fri, 05 Apr 2024 05:20:20 GMT
server: AmazonS3
x-timer: S1712777074.451163,VS0,VE0
etag: "c54f35263af481a2fae3eb126271112e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: JHiuofTPu_u1u7bB6Bz9-R5nU7yUMqvzAs4hhyVIxN5EaKNuam9TqQ==
x-cache-hits: 248818

POST
H2 202 logs
http-intake.logs.datadoghq.com/api/v2/ 0
0 151ms
150ms Ping
application/json 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=450db60c9e5108400bd9a6539552f87a&ddsource=nodejs&service=instream
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD82 42 B
64 B 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4uW7BxPME45zEL8YWyVK_7GU--IUdYdnP2KuP8ug3qZg4l3Cf6GoKdOpOwZvZBqBb7MluLEHRdFipQQc27nfLIjKYCOfWbbNKsyaeRgvOVRXZYltMbNnzIv865OaIP82skA1G7T-wPe8sc2OLi8r_lQ5VTte5XHv6udfH2w&sig=Cg0ArKJSzAikEH3wr451EAE&id=lidar2&mcvt=1002&p=370,345,970,465&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240408&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1309640580&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=870987300&rst=1712777073129&rpt=293&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A94B 42 B
64 B 53ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvU5NHye3xRbuqrdquwq64UojztBbAJqDr9dFLThiqtEroO6sqAw6CehmO1l_PHhBlfzJvddkbOoWL89DB__0h1x533B5aQ4VYa7kU2KB4Qe1dWgSf00AI_cZB6A3u-RTmNc4tEuTfOQjImTr_CzbijzQX13hv3T54pnXFi_Q&sig=Cg0ArKJSzCqXe0HSpAuWEAE&id=lidar2&mcvt=1003&p=105,660,355,960&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240408&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=129182719&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=870987300&rst=1712777073123&rpt=305&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
350 B 92ms
91ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?tvi2=16048&tvi50=15661&route=AM%3AAM%3AV&lti=deflated&bulkSize=14
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 40
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 28341
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-mad22038-MAD
pragma: no-cache
server: nginx
x-timer: S1712777075.520970,VS0,VE40
content-type: image/gif
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H/1.1 204
No Content multitracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame CD82 0
224 B 18ms
18ms XHR
text/plain 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_release_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ultrasurfing.com
Date: Wed, 10 Apr 2024 19:24:34 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H/1.1 204
No Content multitracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame A94B 0
224 B 19ms
19ms XHR
text/plain 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/eiGAJ/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Barking, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ultrasurfing.com
Date: Wed, 10 Apr 2024 19:24:34 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
739 B 52ms
52ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 10 Apr 2024 19:24:34 GMT
via: 1.1 varnish
x-amz-request-id: M6ZNCPBW7E3RBJZB
age: 20514
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: eoEx04AJrqIVyb1sIeoy1QXGmEfJKlRp4x0+Dq74x1m1rXsvtFbb2Zno83SaSKl5zCoEqiG0wos=
x-served-by: cache-mad22038-MAD
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1712777075.557633,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 6422

GET sodar
pagead2.googlesyndication.com/pagead/ Frame CD82 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 6FD1 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame A94B 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 2832 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 134B 42 B
64 B 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVnvGjExaZ97lg4pvULzat9H_7jCjXVnVfNlqUlhlnJ0Gf6tfHMNng-quAKkkYzf8RMkianXU0gjUvKraxEyuVn0NgBYw8lMRkeye_V2YBpqyJy8D_8JrrC0T5PTSWUjuAEDlx5JQtg5CILDOdrJTPx23Z1KFA_ffKUOOc6Q&sig=Cg0ArKJSzINuf_hKpBpgEAE&id=lidar2&mcvt=1005&p=370,975,620,1275&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240408&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2359505847&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=870987300&rst=1712777073140&rpt=774&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2296 42 B
64 B 53ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEb9Lz3HhzmUpuUj9jOdHG7qwjw7gQ8GOKex_U9DEqhMK0LT7otZaeDGqWcKMTQeWF2qktzSmVo4TCQf__WVtWFITQoDXGOfPWjf85ab6vG7vV1GilTlAhXCvmpbi_j_HK46lYabZRG9Iqb4zZ3Mg5aG-3UQsO6K7oxau_-A&sig=Cg0ArKJSzPIpiXe6TRkDEAE&id=lidar2&mcvt=1000&p=620,975,1220,1275&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240408&bin=7&avms=nio&bs=1600,1200&mc=0.97&vu=1&app=0&itpl=19&adk=668383107&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=870987300&rst=1712777073148&rpt=782&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4AA 42 B
64 B 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4b0lPC_lKmM_as0tpIm4Oc0xlI_z4oqGPbDpz8dlyoob3umNAUHd8mCT_dw87BPorlxTRgEC1kaHKE7k2CQiOu34GqbIgdFoIRiDvs4pTk4jBH9nB2Dcpqwb56SIRBytir4LPPPeQe7QiRvCwteg86f_TJam1RJeek0Tt&sig=Cg0ArKJSzBc1WUdRgVk-EAE&id=lidar2&mcvt=1001&p=105,660,355,960&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240408&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2090182472&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=870987300&rst=1712777073796&rpt=164&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame F4AA 0
0

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 6FD1 96 KB
31 KB 66ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:24:35 GMT

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
87 B 79ms
78ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=16048&tvi50=15661&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 27
date: Wed, 10 Apr 2024 19:24:35 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 25736
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mad22038-MAD
pragma: no-cache
server: nginx
x-timer: S1712777075.268006,VS0,VE27
content-type: image/gif
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame C26E 0
0 40ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 419484
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 6FD1 96 KB
31 KB 41ms
14ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:24:35 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 54DF 0
0

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame CD82 96 KB
31 KB 19ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:24:35 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame A94B 96 KB
31 KB 20ms
20ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:24:35 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame F880 0
0 16ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 956596
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 52ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240408-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 19:24:35 GMT
x-amz-request-id: TTVBJP5VTC257APS
age: 1190
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: 3ixbz3CRqS4xTljohT+EeaXQ/AvddQ1IDiEH34Gkq7MytpmccS/61b9SfihF3qFqjy+X4WOTJX8=
x-served-by: cache-mad22038-MAD
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1712777075.469988,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 82
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 7579

GET
H2 200 syncframe
gum.criteo.com/ Frame 674F 0
0 17ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 19:24:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 1539680
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 / Show response
pips.taboola.com/ 4 B
122 B 50ms
49ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-mad2200120-MAD
date: Wed, 10 Apr 2024 19:24:35 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 271ms
86ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=de1af9de-da89-4443-9265-156740178840-tuctd106cf1&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTIzLjAuNjMxMi4xMDU=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTIz&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTIz&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 10 Apr 2024 19:24:35 GMT
cache-control: no-store
server: nginx

GET
H2 200 main_00010.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 30ms
30ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00010.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8157e15814af7d7217ce3c6607f6b336f4ec5d1f9e7cad4cd5441418c33420fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:36 GMT
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1711793203
content-length: 2597
x-77-nzt: EggB1GY4tAFBDAElE8I0AfdBAw8A
x-accel-expires: @1712830003
x-77-age: 983873
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119774e71666ac679207
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00010.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 76 KB
76 KB 53ms
52ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00010.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: df9f906b4588b1aaeac2e8bb04af7e2696ede5b1954d364a6737f7ecfa66b22d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:36 GMT
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1711793202
content-length: 77644
x-77-nzt: EggB1GY4tAFBDAElE8IxAfdCAw8A
x-accel-expires: @1712830002
x-77-age: 983874
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-12f4c"
x-77-nzt-ray: 6d204d116fc3119774e716668511ec09
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
13ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 10 Apr 2024 19:24:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 191560
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 6FD1 2 B
374 B 14ms
14ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 226525
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 6FD1 135 B
417 B 74ms
22ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 204 /
onetag-sys.com/usync/ Frame 9107 0
0 60ms
21ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712777073344

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 6FD1 33 B
276 B 78ms
23ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

215837dd4153b7b60388790ec7db4e789c9641690a77b75f80f4f596eb41d917

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
913 B 175ms
175ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1712777076482&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1635&pt=234603607&tz=120&viewable=true&ddast=V9E-ECABYDAC4wXQ9eQmL0BAAuMF0PXkJi9AUAAAAABgYA9AcAJDdZLkymzcStWhkXa9HGMFhLPK6FW7DyeFy7wWThMY6MAEByk-XCZNpM3KqVcbEWbQyDtcTjWrgFK4_HtRtMFh7jyAoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUGwACTiQHQEK4PaeX5eRw-wMAAAAAAAQAAAAAgAQAYMDwuwQAgKJr8gTg_________z8GYIA-80YG4P____8GwKAHAODBBwDgQQgAAADAYgggeaHrcNbmyZ0IAEBgRKoIgBEAAAAAwNf08eARwCSATgCoACyqAP7___utAACuAAAAAhyT8SKsswB0ByXewgAAAAAAxgAW6GHx-80Ou8bvdhnA_________78ZwP8ZwD8agFBU4UcaAFCnB64awC8gAMAawC8gAAAbwLgBAAC8AQTAAQQdAEErBoPVASTQYLOZLGar4ewAAAAAAO4A_v____UAQMJmXNhWHtdqMFgMV5vdYLXcOCcL48Y3WE0Ms5X3ANzPuJUlp8Hs-gBChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-ABO2GK0mk81yOFsuJoPhaDga7Q9gICabAQJMxGC5nEwWk91qtBpthrvRbLBAAIEYTBCAokWDyWo0miwmw9VospotF7vdBgEoWrWajTaD4Wo2me12q-FguByNEGDCFqPVZLJZDmfLxWQwHA1HoyECwJDLsbA5Ry63yGFcrkWj0WatnMxWa8VqthsNFrvhcDRYi14f08kxmG1sji0CCAag7EXytEgnmslmNBnsVo7dyLFyGGeD4Wyycm0cpsnCsRnOPBOxRHOySCeyy75hMy5sK49rNRgshqvNbrBabpyThXHjG6wmhtnKX3I5FjbnyOUWOYzLtWg02qyVk9lqrVjNdqPBYjccjgZr0etjOjkGs43NsW_sFpPdbjfYbfaN3WKy2-0Gu82-w2R6pj5no7iWk3hs1tO0pn3enAaFy2Dx_o4WaezWmxlVtrHFYhqGpp-JVej3-_1-v9_v9_u9G7PBYzAYTtpusGab3K6lo-NZMChiieAinajOpsvD87rc3Kqz6fLwvC43i1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j8COORqLlks5orlcq7YLFYJAAAAAAAAAABgCQATYCbATQAAAAAATgAD2SwWm9U6AQ5isxnNdqvlAgBAxM_rAgCDAAAAAAAA7AKgF4WNW-ml2hUDNAZ4DDBRZ9Pl4Xldbm7V2XR5eF6Xm5UBACDi2ZkBNgN8BiCItVotawAAAAABbAAAAIAAbgDdALwBBJzIcQAAAAAycgDlAAAAAAb0AAAAAPT7AEBMy4UeuFHs_AAFsZrNFvsHABCgEGu1Wt1urNVqBQQQxG4xnEDA____P0EAAAAAAABAT0tBAAAAAAAAgI6MQQAAAAAAAEAPF0KAwLabEHAhIA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!pl159704-872_vB!rbcatc_vA!smbs!tmaxc_vB!ufm_vG!ul159704-912_vB&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.9/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1efefc2c193ef987c8ee57ded2d8f8be0d173a3c41eb837f4712f7ad3d966193

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 10 Apr 2024 19:24:36 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 140108
x-cache: MISS
x-served-by: cache-mad22038-MAD
pragma: no-cache
server: nginx
x-timer: S1712777077.516592,VS0,VE123
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
16ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 10 Apr 2024 19:24:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 249367
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame CD82 2 B
374 B 15ms
15ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 202050
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame CD82 135 B
416 B 22ms
22ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 692.json Show response
id5-sync.com/g/v2/ Frame 6FD1 251 B
448 B 64ms
22ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

6ae270c0d815fba9e7d5cdb23f801717ada9ab2f052d56429868123a30d5d5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 204 /
onetag-sys.com/usync/ Frame 88C1 0
0 21ms
21ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712777073501

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 14ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 10 Apr 2024 19:24:36 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 234339
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame A94B 2 B
374 B 14ms
13ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 185939
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame A94B 135 B
416 B 21ms
21ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 204 /
onetag-sys.com/usync/ Frame E086 0
0 22ms
21ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712777073513

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame CD82 33 B
275 B 22ms
21ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

cfb3293d673bb50cc97011033c5c0dc0867d584775c56141ccd59d12e036609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame A94B 33 B
275 B 21ms
21ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

c065e8efaf193e3483ea71028cba2ec582a48b30441c16e860ac118cf46b984c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 692.json Show response
id5-sync.com/g/v2/ Frame CD82 251 B
447 B 25ms
25ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

aefda0fee5ccba9754340d41530c2e53faa34193e22f4dfebbfeb09afb94d285

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

POST
H2 200 692.json Show response
id5-sync.com/g/v2/ Frame A94B 251 B
447 B 21ms
21ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

798af0ee8b60bfdd9df773a1383076844510f81197a94107c5c8c9fa2e5a1ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Wed, 10 Apr 2024 19:24:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 17ms
17ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je4480v886690812za200&_p=1712777072049&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1577691297.1712777072&ul=en-us&sr=800x600&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=3&sid=1712777072&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=ap_page_view&epn.siteid=45157&_et=1&tfd=5893
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553

43 B
670 B

188ms
50ms

Image
image/gif

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553
Protocol: HTTP/1.1
Server: 212.36.83.246 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Apr 2024 19:24:37 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

date: Wed, 10 Apr 2024 19:24:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=04f335bc-3b9b-4aed-aa4a-48a077630414-6616e775-5553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=1b50678d-c40d-4eaf-b695-5d51cce461ef&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_0f83616a-cf87-47ec-82b9-cc5bf7842d9b&bsw_param=1b50678d-c40d-4eaf-b695-5d51cce461ef&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b50678d-c40d-4eaf-b695-5d51cce461ef

43 B
650 B

198ms
50ms

Image
image/gif

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b50678d-c40d-4eaf-b695-5d51cce461ef
Protocol: HTTP/1.1
Server: 212.36.83.246 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Apr 2024 19:24:37 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b50678d-c40d-4eaf-b695-5d51cce461ef
Date: Wed, 10 Apr 2024 19:24:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 104ms
21ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie
cm.adform.net/ 35 B
484 B 89ms
25ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:37 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 /
sync.cootlogix.com/api/sync/image/ 43 B
355 B 291ms
91ms Image
image/gif 134.209.74.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.cootlogix.com/api/sync/image/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.209.74.131 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 19:24:37 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=8374e659-a3fb-49d2-bb9e-f787fbbfc719

0
571 B

224ms
52ms

Image
text/html

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=8374e659-a3fb-49d2-bb9e-f787fbbfc719
Protocol: HTTP/1.1
Server: 212.36.83.245 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Apr 2024 19:24:37 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Apr 2024 19:24:37 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=8374e659-a3fb-49d2-bb9e-f787fbbfc719
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H2 200 main_00011.aac Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/ 3 KB
3 KB 58ms
58ms XHR
application/octet-stream 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/eng/main_00011.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8e4a10cf0d2bcc29443c1da808fc7f1c4496c926f75540bad8df81a63b5a8075

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:38 GMT
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1712570930
content-length: 2597
x-77-nzt: EggB1GY4tAFBDAGKxyXBAfdEJQMA
x-accel-expires: @1713607730
x-77-age: 206148
last-modified: Fri, 19 May 2023 19:46:55 GMT
server: CDN77-Turbo
etag: "6467d22f-a25"
x-77-nzt-ray: 6d204d116fc3119776e716665405aa0a
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

GET
H2 200 main_00011.ts Show response
video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/ 79 KB
79 KB 35ms
35ms XHR
video/mp2t 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/travel/adgebra_exclusive3/hls/360p/main_00011.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ded6a3259d8c654ea31dc56d496a7dd929cd07e4efa8c296d1861ec2fed8d464

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 10 Apr 2024 19:24:38 GMT
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1712570930
content-length: 80464
x-77-nzt: EggB1GY4tAFBDAGKxyXBAfdEJQMA
x-accel-expires: @1713607730
x-77-age: 206148
last-modified: Fri, 19 May 2023 19:46:54 GMT
server: CDN77-Turbo
etag: "6467d22e-13a50"
x-77-nzt-ray: 6d204d116fc3119776e71666f1f2620d
vary: Origin
content-type: video/mp2t
access-control-allow-origin: https://ultrasurfing.com
accept-ranges: bytes
x-robots-tag: : noindex, nofollow

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404040101&jk=2916510004597606&bg=!3N-l35DNAAbi8lI9wvI7ADQBe5WfOK8g4TYgfrPDabVDm_dpB6IcfIes8iNemhwv0C2xBkqDEe88R85qAO877bQE-Uk0AgAAAFJSAAAAAWgBB34ANVD1Exoy9sqe4FijS1NIPtPkJ2Omn_KB5ymLkG55Dql32Pmiy4-NGKQOerqCSxdZaeXZg_JamQKYXlBCnIoPMr3HXzcf2s5istdZeion2OU67csICODJXlkdzE6YFBeSFid3U-vIBQsnae7Vw0Kr_wxXnIr6TYcllpPAtQG3PNK0FT2znpkosiKJiYZvsArL02kK3tr9etgctnsjmdOlxrjPmqCn6wvc3AOYqX-IZN22ooiB2LKoKUr9-VWIJjNpTlOSyurIXq9hlMS5uYbFWQTGx8TNktiq0GaWpFjuVhmETYVSEcasMtvviF8dyBs2w1ZFI4j2HLMe1ZIS57JZXVyfb8QwnO5GlawbTDl-GVX7BOotg1dIKPvgWfM9sT_AnIjc7DIhJ4zJkaPj9hcVKZdG508iQyFwEjCCLBjGXxeYjlSDds77krwCWugSbTmXQmdmQC6LBiCEDYXo2LzNK7RIF4X93XTScdQLjeuVUkbL136bnlVAQRH97-U9B7RGKDAr5vmwHfxfFHc1SvKbcGBQSvhcRnaWe1lJ2_j6kl-DNC_DSm8uCw0qlyOEydt1QAYGrNHTJmh4QVW3dobfWd1zAX3lFpaBTBBq7AEKCMRlowqUEwxRX9P1hnf9y_nsgbKuRFd8OYzYjVnM_pJAw1M52aXAtbczMumki502FECtT-jnYH7NDHZwUmpZyjtJSn6xG-j53H_dEwNlAAhsMQBt48NDHtFYHLTveJdIqSChWfxGRLAbEN527H2Sxwv-sive9e3_lBqD4a5jbF9g9ckWdhLpiXzSVrDHXnsBkMPiqEbh8mWUsI7Tsmt6SJBxcALMOfh6i9hNQqB_9wkYXLKPM_1O4lMcmXkuRuECZb-Qo1OQ51SfFglup_3jYqNOCSVlEurHT7FQ0gbeig_9Dhrper98KsBFJZM-Sz74siLQL6Gwh1JfIBP2CG66-PbjaQ

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404040101&jk=4347819422954074&bg=!UFOlUxzNAAbi8lI9wvI7ADQBe5WfOGrvo7Zn8MhnXo5rMuju7KTthVgWRKn0EkCtFQFZj-3QuYCLD2YNJPIU4uR4ZeQYAgAAAPhSAAAAAWgBB34ANVg35V48X7cA5IcOryTgl3yXnvFUYczkFXLo81OkbYYGp2CIjk3F7H6d_svNPhXD6gc00eFTCgB7i6JJCMjzBynQ1u73uOmgZHoTh_AJGwtjxXy3X9w4qquaeVq5ppBk3w7nt77iL7isMiKwYKePenIUEfeFZRU4e6vDNbZx2BVamLnXo1HvruvUDghZqXV2k8X3zem6oDnIHEsv1LvfQQMDq81esdSQWiPqtTMbubUCoTH5mQK0YezdhT56UHmWTahKz5lTfqBegvhStSk_W2PgCEogwhHGIGEDH1nlP8hzW_0Q60y2vJle6yal50tC3Pipl7EvNC6pwAOBm0DmGNnnNDPqFtfsH0PaFXlo6IhiWIiEHDG3fpfujViozFl0V8hAhUWUdKF_oKd2s93_hnTI1n9wAi6UN9yVPk4m_QK1wpfYyx-_sw5Zyano97tttuo-tw-M5M_xUg1Ms5BqWKqYEah5NhZ8bbL3tK299Zerp6_jV-OR0pBVVOf08ZQ3Scs-NuJ3sPpemVmcilbnmaDiDPAhYdqafIq_DF0lNaFxxqNf6J1wqn0PKARKn6MS0uT8OjNYStHSlhqbak3GTEcLM1lvJfkmMMzyRwuFz7zfFnHBhNJa9_1D5F2NQD-RBAIDdFmk-Dq0dERnLLgBc_jPQWr-T6eESKY46ymkdc86F1jEDgOKjlypefB2UF9N-13nMJ6fyZRmMU9uFo4OF22IW-d23XXxcbtDI3GN8Ex1w1ZSd-8i0lCoZhswVJ8eCu80OIH4v_no6ri3vvCqt7hraEd83H3h_I24ayq2NhJgQsl7PSGKIsZXS5mo3P04FpjwiH92ftFufAQThB9DTOP5drn_fFuuThsp3jQo8LcurMqnxM8DCaveGCPV2DfLVdcZZamNA8qhSLxWXXiiDDcGq4fA2IUs71bHWM_z3bXI9GL5p8snuR0V4o5f-RWJR-2WpfCw1KIGuWFj07PsfsetLOeE2VFAw52CHRQyrKNLW37bdz1eXtdjnt15xKOgLk3HbopvwiYTW3EFOd07fS3MGx9Yc_LOvU-fDACEBvq15SbIt7cAxGdK38XRxZyvDenBksM50xJcaI1G1ySiqV2nSuhowcm0rKW4naVMOrLc_v-yK8oL2EEWKhtAkAtXJS9Xdy_5qOSIL1Y

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404080101&jk=218440773637057&bg=!ra6lruHNAAbi8lI9wvI7ADQBe5WfOKiMZIsN2T5bCtA2fw-pBPIX8dS0Sc7vNETzgxfUSVuvoBcH_HEQ09ZKE-efht0vAgAAAQdSAAAAAmgBB34ANUymOEE7tgya0IIlPMq5qvol8TpCiDa_L27YQ6kUKd9jBDdZ0oj7-RlerG2jl3FKhVCilrICmQK2VEDkgiKIq5Tg7g7IZXDyKS2ybPvXVvmiFsV3_axB8-oG7kG1fWVgGkwgG0bmpRKcvB7b0NK60WMqBOcrJJXL9ZbwTeQ061lj71sii9POilVunakvoB0JnyONcyhpSVVfX1GTma1Wb1rwKfOr9MbDo-mqlQBTQE_QJtLVikOrh6iBieTd2qj-mMQQtLS5Lt597PgYK1m6Kuqs50ytm36ZPzLRM94uXzPFXxpyIKnZ4SXoZhTBp2FX40w9lEM2Q7sWNtShaV71tMmarQI8YfpCMkdmT3j4LD3Otjrl82uEvfSQzSsFGzjx56K4AcZIs9IfkVZFaRjrkzrgrrslmTPASlAH6lb_TdM3zFWR1E3noYcKU4mw-Wz4wY7XUKyGSgv40661mw6U44WbAS8bnezu4NiJ3Wq0_PfaEXoob-6va1paQ9QJjVuZJ2J11W738QW72H_b6ibml6opJZbMIPsEowm75_1q3oNxT0kD5F_I7JUwlZsmmaHqEYsaOZ0hl2wkf0LqJJEkQm-YseiMHnuyWBZ9PWIw8pcUj3ZFGtoAws9cvOtzr7szcZC-dqmJfXxtaIw9hwF4q9M3D0kTLfxueigJDuBi708BpQCrTgm66GarMUurolS0ZlwGBYwA4l6RhPimU7wJx68QcFSVFfznD6xdQav-511PR-kpTqfscEs6AolIOY5GX6cMseSHxS6mfXJecyi8M-j_3rz-BCPU8ctmufe_RhEXF8hvptYXhoH8eAnp7uGrxjqUAdwJh_T6P1r7hAZrn1Q7vd0hM48r0bTLy2Pu-Q0-YrJZI3yQh3QpZP_3DEuKI93ilpZ5OPRw5epCzKO_SDwIWXs9ksdVVhusq6q3VBlqh0Khrcng01qfdDEin5n3RXuMIsVrsArbmgq9p5AOvHpSQqMeC3KjrW_eLApT_g

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404080101&jk=1380143462799882&bg=!oqGloe7NAAbi8lI9wvI7ADQBe5WfOI4r-9HdjF0YhBzwoMTraTatB_4GEWEL5THDJVzzwpoh7V0dvxuYu5un2qwnEwYkAgAAAQRSAAAAAmgBB34ANYbPrRcESvxPNxs3e_EQhZO6MtA2BWU5LlD4x-tyZeYKbMyD6naoITyZOHRac97j45-kzTqbCgAp9eo8PaJ5dx0WZSgqFjEUIxkt0em6axDWDoy65WP8xy91p6QkZSE-J5SZArF-eeGQ-KQlzVJP8MY43kB-LZpmTFdGPyV4jDETxyAXSJptc4SFwUxiQFgkE5lCEgcKq7Wt9bZKT0bGaHOglqm0IFH-FAZd6goRPzeNHP77qofoZoffISgzKzADXTeg_9qN3PHzS7pQN58vJtK5L2-Kp91eX14LonzXPdmJW7A5vHERtpyMwNGWy9cl-LXMv3V0DVUJh4aGzvjrc6lFtZi6H1C_Rv1ta2p4mTSgv_qfvKc5UUm1BG4iZWLfgIUcdkSGtSbzGKeK6pWpeAIfSRjr0sTFtnxBybbBLr_m2UTN9BRzUE4E3Fa3S-4bOxz3tIQYt5RV1P5uti8E3tBmrfJN5cG-7hPt3k3DQn0-AwlSfjE6ApcwA_HbCpmnLoCZEaWgaHezKu16NWwYWJrkOIclMgo1lX41eSqUr-eVYCQJosfNYuSAlGBdeMDA9-gKfnWoKfr1DE3MddiS89KwQ1U1vY1FUEF4fgRc2FfKfc1MN_7kpIMKv1EmDE5a9SE25NaEbn0Jp5J9OG1IzukbIDPaBOW50ze1JVWR5GNNQT67lziLTo2lxAu2CZAu_2qsce4heNx3xwQWxQ76jg1iJqYoJbZ3XLmz5C2hnJl0W3vVXRZ3FeNs1JWwmtOg7Ofgv55jAJZaZAeHZ3ezsa0SlWIEN4QDelnu15sElZx--iq6UwfTkpGSRm1vBBMdWyHW1_bnOfQYlq6Tas1AD3M4cZIE9uS1Rke3s5nj-pMKRtkQLaNRg0bsime8lHb3G4V8rnOw6GR4R9yTRpJrSzMf50kCUSvNm7XfD3mDLK0J7MqWLW8q0c5V1Eh34tmdyPsoNzQriAw58u_G-hoR-btc4gbJZhJ7oq-ArihiG0i5hmIDQ2Y6-djQ7KYwjPYn5KqOaE8jkmD7XQ6-tmP5vNSfcM6EXA

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404040101&jk=1652315441633055&bg=!z8ylzIPNAAbi8lI9wvI7ADQBe5WfOIdujQ0dvGM7VvEtKLJ-_oKZyxj_vcxi9BIEnW8Q8ZQBeqbQDSq3lTn_USj3-AyFAgAAALhSAAAAAWgBB34ANV5H9LJCQqRpR8TVTz951WUd5fHh1zolKFLB7z76X1wdSjj-CYjcxRDDAYYqBBZi_64JPNpPCgAi1nrxxO2h8IvDIghHPBe8kYDyYFkqtIkL-LZ_sZB2SPhSqJkC2cucmN6Wk5AIRiK_knofJZ--OJMr-OL74WrUHB2QEDcAjew3MTYVO1YAUh0h-118xArbZCz3IljyXOQQ_KZElE1ageSTC9Wj3VylUlSizQjfIYmn5Zj0JEzEVxBe-8mPMJF92G45bdJCP76TETg8dfhlv7zdXqsFhhvBkbMPETzrs-GswU0QsmZWa5FRA_m3dRSmI7BahdjU5MI1p5WIaYY0gve5hRMCNbGp6as9gWYBMuqjA-x8UZPmoN1Mp25GC6g8B3XkkDiApwdDmTNZIiAqkqelI-1JG7be2K1pJQ_4-qYW4U8hWpUaZbftczekGM1VplJaWSFf09CYfspIcMWDZDG9f4jCOZXPM2E8TeL7UE3DIfNIHVv8sHSXsh8eO5gJYrDIN5tY3XP7QZ5GqD4yKpfqWmpGIMWeP1PLt2YrDA2me7imgGvB0EJlbilCav0Aig6pw_pfpNzCKZQ31uqFaBcBCbQni8JTh9naMaYILxM3Pel0eQuRugOKpEUg7ZdNODlyKvbbNeP3SFoPER8ffGZIoau9yp-NfV2sjZTE3_1afGrZzqbkmM2IcpW-0bF6JTjNQTYJQMeLJ2czi0tEb9tmSmnurAVdKIw4Zf0CxKqB11D71aPWsEszYQR-uYrgMWNTHNBaM-FSMvTBagP8j4jXUvv-ogGg-7o-w71lyHQCh0nRh0mdM11gXUGTwfl-HvoQYfw6dq-I_uMGj_agLGN7hAfHN9JCqM3bRuud1IoryHn2pYNAc3q9NvtaXDpqb5hrlhgihhoPYxpdks08hqYziazvg-8NKWdG3ydYIS7JhkPLgE8O8ySGEgcN_e0TnCK1a1q-YxBjnihUfi-MeJZFcKfHnyO0og8ZAifjK98o0gRGw3LcUOHcXL5LqLSDqgJzOdshNX1CWN_m5yjqoCrEWTuxY3PeXsxKvlAdlKV8GEAlNuQUFN15boMPPU0ZXqHngVrneQ

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404040101&jk=2119828592586916&bg=!sLOls_zNAAbi8lI9wvI7ADQBe5WfOP1wsAa603l_egKdBYpGrc6bvrKbJ6TrazFMQYSMkZqbiHmQvplDfLzOpw-cGbg5AgAAASVSAAAAAmgBB34ANSrdn-Feu3X13EJFax8vDQIS_dmSDdU0FwcopTlBNENGjPdyOM4h0KBzbrOM8ag73KWLHYAPmQLLRzf6ZODmq0DQvkP-_x4RN3T9O5MVNi_FaIm9NNX4brFina7hGocEiDlgP-8eXEeSxXKobSASk6fFLkK1DUGYfL5DR9hsfF2ueAP1aIZT5-Y-ApSas3ftmZ78DAM2tEPiTb57X2oBLBdVSf7Tw1pOgaVUu7trixrq08U39SkifY9o5dy1zIg5YQAWsuCARisd0pkKrMP7lsSSX6Lr5V3g93be0Ex3AITCp7qK4pJeyTR5eC7ICyYC4V7mtpaeIVK-DIyTlM09rPcSbI7u9IkPi3DnoUHN3rANBrxDu0ra9is8747A1CeQuaPR-1CLCDgRgWg3gNUpzr8EA9KWVVBZE6IztzIpz8AxP80JKhOzfEku9YH9Z410faFEemrscgnoaFm9nfP4z6fui63UgSVRrOuEHnV_bU7wMbIZNpE0fSeH4PuK4P0ftUsfF8BlRQQKS_4_BliIBuVJyHqLFmkAq2ATomAw5kpfQpbsfko-gjzIk0UJ03bT-h_pF5DTl-Y7O2v2q2UfHlIFi2YMoP4nzNdmyKvG0wRsoy1Nd28gM3QoPQUhmCAyuLrzICNRZ362-DigOmR_j4SiBZ0gHV7kNuXfi2yMu6F4ZVX7W1OW_Ecl333mRJ8cjldJhGg1SIFgKA9iXQmZU5C0KtELEvC59Pw7qDC52Pm7h77aC7CaHZB2Z4t-wY5HdFwqKBR3D9O7i5q9qZuuoZGsyjZpda0POYS-YsreFGAdL9WurQ5Dhl5-GaQ__hra1SkBHqX5PW_TftxjnDM69104DByTHQxnxoM3DA8W2sL-sTaAB3m8I77d_q4Q2VPn4GxdwS4Z0Urpf3ll4y5QIaosLsqa6cIf2C9YGwR5d4tx55bMCafwKQUV4aBg6__Hbr-7NMBO6T_SOmuN2v18Cl893mBbLXOl-okvHwFNeobCP5--VODFnzJOMzwyzCedpzsUKw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404040101&jk=91005710487247&bg=!h4SlhMvNAAbi8lI9wvI7ADQBe5WfOEFsCDn96mYt0MIWlc5zXSdBT8yKjdTfemHjJyb5EQ_lxwV6V5gofZtMMoPwAS4CAgAAAhlSAAAAAmgBB34ANcWj-u2dRkaDxa273wa-O7iof5l4cGkKwNXLx9ztW1zhTNXpFi393l1IFmENqtwJq3OwvFNtCgB7tvHAzww1vQkZ5EyjgMchfs_hxnQEvO2gXwn1qgMcgMfgrW-xiYUdv0eEgC3WpQSSukXOsQTF2SBT4vfuXRLaKFXu7KAanMiPeYrfgxpw2Kd0TLqunal9KwD6FpoH2fh57E9-kzExDtjOHuwksPhvlqlToYdWyDQjLOoGmQLRmdDZbwarP7bS9CsaEjk7lcjAub_0cqouBI8JnzOmeaGDOGE3Ihp5BaUc9B34njecc78Cz9427q71NK_eICzBWlkB17D4rK8KIZhuWlhmgEJoWQiSZqi9HOBUUnsZ3cG2YVwrqoRj3vZlL4UR1qaag-KuB0GwTWWnJ5GkqwPH-_2iiRjgIDrrqDWYoPbzQhdPNWxiUO9h-weLzfIPFLTbRkkbKT8uzf0jUBq1Zy_1AJW8vi9EPvN3t6mnXfbOZEYgMwK5DZ4NcqfywOR9U2oGRZTLkbKPbauoi3wdDBJ0XTV_NkYRbUdSu01YmH1ALNcjvRuvmgvPgx6oUCgKHxZM9j3BQU97Oqe-JYSjQlnplQ9j9n0WArtNYYrU51MJ8TTToIEC9GQeDuvNZgG_8cCzfBH7X4QCAcrYMfJj7MtyaMtAu4iw3jy2z0MFQwSsxWetrDpQssrIHU062fWHn0jbgtx_3mtZ-oxMcRkX2Dyg7TnLnbZkjZulApZp3Xk50eEds2Qpcw2IXBCNwXIAB8Zsdxro_Rw44hYy2TsBHuBQAEK6mYbp23pc8g6aoFtSxSSmUZecePhe0XJgoDdQyVsEasqL-65P4KKTzA5Pn5XNUha2garFc7uDp6LwZq24AwO-fw9FN-URu2gbU8cq6-drCuj_Lg76KKBVeDm0sfXRxf2hEa83dnXHJ0FvaH_qf5NFI3Zt_3YlSK_VLsfQIfwyQb58whVzZJOqFVj7EQNA6OBodpRrhWwD_Ztg-JSzfb-FCcr_nR3D7AZyJZQ2ZcPbWzXkUF56rdWtyYIy2343Jv76TQgxIj-Gf944w2opgvL-hmb3awoMKsDwHFh904d_XcjjkMtNeLGQgXdIZFN-8wPwzAKhLjT7McusLfPEITG_IHCn929CaXxdT8jp4OCpQKbFSdC3xbifnb0yGbSRXhXnwKJhVZ2LPnnyLEyeCBqJwQ

Verdicts & Comments Add Verdict or Comment

500 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ultrasurfing.com/	1970-01-20 19:47:43	Name: _gid Value: GA1.2.989833857.1712777072
.ultrasurfing.com/	1970-01-20 19:46:17	Name: _gat_adpushupClientTracker Value: 1
.ultrasurfing.com/	1970-01-21 05:22:17	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1712777072.1.0.1712777072.0.0.0
.quantserve.com/	1970-01-21 05:16:31	Name: mc Value: 6616e770-4641a-a5121-8bd79
.ultrasurfing.com/	1970-01-21 05:10:45	Name: __qca Value: P0-1845487005-1712777072166
ultrasurfing.com/	1970-01-20 20:29:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ultrasurfing.com/	1970-01-21 04:31:53	Name: _pubcid Value: 2a53060e-22d4-4967-a2b7-1e89105b9709
.ultrasurfing.com/	1970-01-21 05:22:17	Name: _ga_Y4YW22RJ0K Value: GS1.1.1712777072.1.0.1712777072.60.0.0
.ultrasurfing.com/	1970-01-21 05:22:17	Name: _ga Value: GA1.1.1577691297.1712777072
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: rUlKcqZVfA0
.youtube.com/	1970-01-21 00:05:29	Name: VISITOR_INFO1_LIVE Value: RVdVus9i3-k
.youtube.com/	1970-01-21 00:05:29	Name: VISITOR_PRIVACY_METADATA Value: CgJSVRIEGgAgIw%3D%3D
.jscdn.greeter.me/	1970-01-20 19:46:18	Name: __cf_bm Value: Xk5DFWM6PZgFaFctyd4uLIp4tYT1y0d94OFN1yPA6bk-1712777072-1.0.1.1-y6p7vJ8l5eSP9r31vpd99sLRk42n7vitFhKOv4ufbCi4zdqdfuuVOslfTQDertVRJSCGewPTMO.rdeVOOCI6zA
.criteo.com/	1970-01-21 05:07:53	Name: receive-cookie-deprecation Value: 1
.ultrasurfing.com/	1970-01-21 04:31:53	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.ultrasurfing.com/	1970-01-21 04:31:53	Name: FCNEC Value: %5B%5B%22AKsRol9gmNIuLaigJHIKW_3pLYO2wmRrD3Kqk3lrpKKGEJFfwROPYzbNypxvzp5H0T0mjLN7HO1ZJ8UV96MF9jnoEfXedykg9pVJrgCOGSFemj0C650f_ZArWbB-RO4bxbFUATkJHdXTXQxJP3sUitMh_BV1ZGofcw%3D%3D%22%5D%5D
.taboola.com/	1970-01-21 04:31:53	Name: datadome Value: ianLiTHLWTKTxxEe5IX6oVT0r6oF6R~nnvTskifBigUerkUKR~L5iOMiE4_t6moXxAW_B0hGoOfmeQuYRWLGiKAzD6XGe9OdtO~P7hlrEXHNk1QjHm3erNncAw4nDzVu
.adnxs.com/	1970-01-20 21:55:53	Name: XANDR_PANID Value: iUIpI6W2912rhHXkgJFgmQbRvXaVDfSBAAb_RA7PSUi29CJgK9aCH7wh6s4e_VzBPrpEu2yEhJFaFEGeNu5ci2fnNPznwkhmAUYvDK4EHok.
.adnxs.com/	1970-01-20 21:55:53	Name: icu Value: ChgI_vV8EAoYASABKAEw8s7bsAY4AUABSAEQ8s7bsAYYAA..
.adnxs.com/	1970-01-21 05:22:17	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:55:53	Name: uuid2 Value: 4968547429697299339
.cootlogix.com/	1970-01-20 20:29:29	Name: vdz_sync Value: f7d45eab-edbc-be6f-6235-363ddc330208
.ultrasurfing.com/	1970-01-21 00:05:29	Name: __eoi Value: ID=09f63b01a93ffc91:T=1712777074:RT=1712777074:S=AA-AfjbByPZ8TDOEAAhFlQ6mN2uN
.criteo.com/	1970-01-21 05:07:53	Name: uid Value: 6fd23f92-ea6b-4418-accd-316582ee52fe
.ultrasurfing.com/	1970-01-21 05:07:53	Name: cto_bundle Value: al5hSF9vV1hOTiUyQk5PbVc1bExBRVd1S1VOUm5HUU9VTmRET3IyUW8zbkZ4ZSUyQmlsRUhlQmRBb013RVI2eDBXT2d6TTZnbFFrdURabFNvTyUyRlpaMm13VGViWnQlMkZOOXV6ZHRNNFpxeWIlMkZ1OGU3Nko2Sk1ZcmRkUU1PTHV2cjNjQkZ3UmJ2UzhGQmdtZ3BFd3pQZDA1a0JpMHp5MjVtVVlYb285WiUyQkVTOHdZNzk0MjR0dm8lM0Q
.openx.net/	1970-01-21 04:31:53	Name: i Value: 690656cf-b3e3-45cc-8ac4-ff7a1ec33669%7C1712777077
.sitescout.com/	1970-01-21 04:31:53	Name: ssi Value: 04f335bc-3b9b-4aed-aa4a-48a077630414#1712777077466
.bidswitch.net/	1970-01-21 04:31:53	Name: tuuid Value: 1b50678d-c40d-4eaf-b695-5d51cce461ef
.bidswitch.net/	1970-01-21 04:31:53	Name: c Value: 1712777077
.bidswitch.net/	1970-01-21 04:31:53	Name: tuuid_lu Value: 1712777077
.sitescout.com/	1970-01-20 20:29:29	Name: _ssuma Value: eyIzOSI6MTcxMjc3NzA3NzQ4OCwiNyI6MTcxMjc3NzA3NzQ4OH0
.adform.net/	1970-01-20 21:12:41	Name: uid Value: 2171331200218927735
.taptapnetworks.com/	1970-01-21 04:31:53	Name: SONATA_ID Value: csonata_0f83616a-cf87-47ec-82b9-cc5bf7842d9b
.tapad.com/	1970-01-20 21:12:41	Name: TapAd_TS Value: 1712777077587
.tapad.com/	1970-01-20 21:12:41	Name: TapAd_DID Value: bd0750bd-2722-4f8d-acdd-5100e73b4476
.tapad.com/	1970-01-20 21:12:41	Name: TapAd_3WAY_SYNCS Value:
.vidoomy.com/	1970-01-20 21:55:53	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJvcGVueCI6eyJ1aWQiOiI4Mzc0ZTY1OS1hM2ZiLTQ5ZDItYmI5ZS1mNzg3ZmJiZmM3MTkiLCJleHBpcmVzIjoiMjAyNC0wNC0yNFQxOToyNDozNy42OTE1MTAyNTNaIn19LCJiZGF5IjoiMjAyNC0wNC0xMFQxOToyNDozNy42OTE0ODk2OTZaIn0=
.vidoomy.com/	1970-01-21 04:31:53	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiIwNGYzMzViYy0zYjliLTRhZWQtYWE0YS00OGEwNzc2MzA0MTQtNjYxNmU3NzUtNTU1MyIsImV4cGlyZXMiOjE3MTUzNjkwNzd9fX0=

148 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation	error	URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.3.5/OvaMediaPlayer.js Message: Custom state pseudo classes are changing from ":--webkit-media-controls-play-button" to ":state(webkit-media-controls-play-button)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

014da31d13bdc090bd974a6f70e32b45.safeframe.googlesyndication.com
12e7c0cde3193d639c015f26b002a7b0.safeframe.googlesyndication.com
3feef5940d682c22a5da0c021bab4df7.safeframe.googlesyndication.com
4ae2ffd3829a7db0b4c12582e51b05b9.safeframe.googlesyndication.com
7bc81086d6d56ebcd067cc9876172d2a.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.vidoomy.com
a3c6963e0d72d97dcd7694d6e57ba41e.safeframe.googlesyndication.com
aax.amazon-adsystem.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.adpushup.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cm.adform.net
code.jquery.com
config.aps.amazon-adsystem.com
d.vidoomy.com
delivery.adrecover.com
e3.adpushup.com
e6927cc17f5e1b85626ef2504d332dbb.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
gum.criteo.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id5-sync.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js.genieessp.com
jscdn.greeter.me
keymap.adpushup.com
lb.eu-1-id5-sync.com
onetag-sys.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
player.aplhb.adipolo.com
prebid-server.rubiconproject.com
prebid.cootlogix.com
proc.ad.cpe.dotomi.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
sghb.aplhb.adipolo.com
sonata-notifications.taptapnetworks.com
static.criteo.net
stats.g.doubleclick.net
sync.cootlogix.com
sync.crwdcntrl.net
tags.crwdcntrl.net
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
video.adpushup.com
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
pagead2.googlesyndication.com
104.16.87.20
108.138.32.75
13.33.173.196
134.209.74.131
138.197.53.255
141.226.224.32
141.226.228.48
142.250.185.174
142.250.185.98
142.250.186.33
142.250.186.34
142.250.74.206
151.101.129.44
151.101.193.44
151.101.65.44
152.199.21.70
162.19.138.119
162.19.138.120
172.217.18.4
178.250.1.8
18.245.31.9
185.239.172.170
188.114.97.3
2001:4860:4802:34::36
212.36.83.245
212.36.83.246
216.239.32.36
216.58.206.33
216.58.206.72
222.230.178.146
23.36.232.182
23.97.225.52
2600:1f18:24e6:b902:85d4:a95e:ebe7:ecb9
2600:9000:223c:3000:6:44e3:f8c0:93a1
2606:4700:4400::ac40:911d
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:6ea0:c700::22
2a02:fa8:8806:21::1780
2a04:4e42:400::649
34.111.113.62
34.241.182.12
34.36.216.150
35.156.202.1
35.214.149.91
35.227.252.103
37.157.3.20
37.252.173.215
45.133.44.3
45.133.44.4
51.38.120.206
51.75.86.98
54.155.27.174
65.9.66.97
69.173.144.137
69.173.144.138
0133ac01339f59dcef43c847003e8450c3530c49e141e3cebb0544832e0bd097
0196df6ee49ed43d78f2510ce82faff8c90d77e163dea8fdf4b10fb128fa74cd
02acae1578de9583e920026dfff878cfeae76a7b0dd65fe130be924e54ffdf0c
02b01d04ecd320d6efc6d93eec4f3e7b9f58a73a9cbd6a990a970d50957284e5
03ce435bac87341346aef1460f8f98b823448cb661c96c3f7a79d95c4567844b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05b6b3eeaf142650d695b72bdb83f9edd271e671d4d6574f8016fb01c99da858
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0791c13a56bb58bc39defa2eec311621cb93ccfe61fe2a2f306ebc59fdd53c0d
0794cbf40aacde76108dee95df25fca03a175072b3e56013803e627af964833b
07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec
07c4bf8e54e3c537e2c955807c29e5b2f4b623d615471332bd313c6249646c26
08dcd4ffa5a2b63749ca40c3f900b1a357a7aadd63bb6fecaac3a513e456527c
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0b870888288fdc85577e8f8f7ca0eb724c54d5f0d98b50f407207aebd3839d88
0e6d855d89cfc80c526ade8965f6b37d8821324cd9998da9daf654ec8253ce1a
0f19b074f93f40ee190ec21c5e0185f9fdf8758082d44b773ead879e31bf19a6
0f7ec2c62febac664cde81008b2ef7f7d0cd25075d077aa0c2e32d8ed7bc2b3f
10b8aa68b9007634209abc64785a8d860a5e94c4c42d08112e450a4dd8632672
11a36f483b15177af560a61b71b2db2fe51229dc56c886281cbbbfe5cf8aac6e
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
159b8ba1bd7d9e2202e8c639e0d333b7dd31aeb17f47f9e4367183caec09dc7a
188b58ed827289ceed86ef2e44454e6bd462de36c841f8a0b844a35b4e39fecc
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1c261ab4dace4aed640d9bebbbc65d51c96c0d088c698af3d881317e0287e765
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1efefc2c193ef987c8ee57ded2d8f8be0d173a3c41eb837f4712f7ad3d966193
2002205b295d92009f25ce998dd54523f9678a055e0153f09ff521e8c10eb8f2
215837dd4153b7b60388790ec7db4e789c9641690a77b75f80f4f596eb41d917
21d7f6c22c1c45922feff702bf8e8fb189a3bba311086b80c4cb7ca7f360fc89
23d2c1d5d19c228d686bd7128079f51d080baa0666ab1d97d7869e9f9bba176e
240bec4f5eb6f06d9e04895bc0f3bae9f097cd6e97e0395dddeed14fe1ee4754
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
29d6b86445f31b537c584e82a25747a833d6d21ebaf66eecd1a4926864075419
2a947ec9647a5fe16feb48012637f3e9e4e3d6a69bd5b232712ebe14839c9764
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
306933f88fe33271cb5c31207d65753523ccc2f6f3af8574e26d57cf66d17458
3115bbc6f22888131b06d9d6b848351a12e5379bae4abdbee9e9cea1e99c823b
3206614759e8368b597cad0b1ecff9800d100a32c884462f8383bde108401c37
3583a4abef8e9e98c438e02a69aeb4ade835a37dab6b2ed65aeb2afff58f355a
37c9360bb0d931d51180c5770fe0b29d50cbca200d7cf981d6cc101e48af0f26
38869c65f8eab7a23317d68466b4c7551c955f5afa0c683932bb14de8339cb70
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b6afda6d28f6f7cb2dd513686942c44a3981d21bd4bde0f2b211040cc8d8289
3e7a618dda55b33b8432e5ef1e810cb836c72ec2674df22ee138c6e48275a834
3e7ef45e2bd7b402fb8e5b1e3fc9e87a9f647ae661caf403c1d2d31eb70de2ba
3f43f17e6185efd8787ac8ebf93e4c405d1305fd35659103fdbd47f748b45b27
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
493b71b1c3501aaee7f694dabdd73cf76d34b7d222ca9ae89c161b3d83b51dc7
4aa6d295b37a2386d156e763138b9741eb8d9b9703712d8a5329a6e57a43ccbb
4c11331fe6ae5e9eac5fa66d4ea614cb0f3c62b7d56b3bdc46ef8894f14b8486
4cbae368c243b50f95ac6d20be51d092cc76e25949a6d6596bda864a0b341365
4cf2ce526c6dac97222eaac30ec22d9306465285b13468ca584dc1fffa155178
4f008f81b1ca4fcaf0d41fe92f90e6ba8312a1f55b5573b1d1a57a6130802227
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
51c75525d7a2c1c5bf13c2161e31a415be759f6ee8b9a7e9242567b0411a6ab2
53c112aa735a17c856d7898b93892f6fdb31c173dc39eac3fce0ccf455028590
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549cf81689ec0ca9ad5135716b46ec81c5de80123103bfeb923895d35ed3083a
589c4f2ac5f4b837b92b7bb5dddd7e6b0e15662eb4cc8963c1152ca651dc830a
5910fa2b14f49be0ebad39542c1bf8405b12ceea073230cc788aa770cd673ad6
5c0ba0a60bf275e530d974c82dcb7f0be15de36f1751a3b285d67c31c80c0729
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dd93c7c7516f3e54ae97082a7bb89e8536b0bdb04656258c254bcc0871181c9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60e221295be2af3136b9cdba70e6b69bed89fbd54e4602a23f74efdda8523490
6188b07f531a65a0d53b693f742537d304069074e66c1b1aaca0cc34fb5edfe3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c75078e34610e59261941555b1c34846fcce3dff55115e67fbbe27ae3be651
6297366ae04118f8186b03b309a16b387b1f53b7dbdf89eb72af7f846af4b708
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667638a38b57298a015cb48616f479cf3e122f18e96bc9cd81d1467b3152769c
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6841687f1c3d6e48424e5848236972f0fd4940a4641f1ec95501a9d642c78654
68989c37fc472b36a246a07ea573d5859751c4ffdfccdf2335d43764e45faeeb
68fa752944569b7e4444f40382114e9eb979b964cfef6d680a0d02d381d4c220
6ae270c0d815fba9e7d5cdb23f801717ada9ab2f052d56429868123a30d5d5a7
6b3dd7ed252cc316eaffe5cb1cc5d973f2d3ae3184ca143b206255459ad026b8
6c8bdc518add85534d7901b2b58c908ee5b15a0c6ccc76a7de7b94986911ecad
6cc8c92b47c572f70fdfcebe469f0f23073b87c309196729e48a5cc73922b2a1
6df16b9d1f923f1c810f639b4338f7f518909b3e7dd84a82590604b75e3f9933
6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7249e03f286780a5c5d80c40944d6ef54e265fb5bf0aa63395695bbbd9c67111
72e6013277164f63654fc121b2cbe90bb6056c4fc6f778a439e23acbfd2cc512
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77308032a19eacd23ef73a237f11c36b51d945555c6c282b1b4e8c1fec26d5b3
7975737dcab3e98655844dc1338ece0d9019246e668f0962f0b0577af1c597e0
79843e768129bc54db15739806c3d973e3d7b3e97c9ac58100c657d071f56fc0
798af0ee8b60bfdd9df773a1383076844510f81197a94107c5c8c9fa2e5a1ca3
7bdb98ec3dac88330b87d4c1be1e7a13941217fb8ddeaab3508fe9a36f0a68b5
7c86900d51054aebaa6916bdd456bde9f181229d86f872eec004477f55bc1f1a
7c94f109189bfe00d5571801adda2ab4194a1084a5577ff609699fcb14191903
7cb558b096de43381ea12cbb5835a8ad210205e0e189e65bc4343ec23de06fb6
7e800289f4c239b49594fc0466a323afb2e2d7f3f4afa9368b34fc24b07968e0
7eda8b55f6419897c23eecfa66f341cdc9f9a4b76de6ea1db69c09922079ac9f
7f3b9e0014e7de4d85dc74f30ffc7e26bb0ff1d023b5eb93299714e9cf7ecf8c
7fba4c9bf5769360be8ba763b0a155b92da4be6951844388b7d5eaab9822e9c5
8157e15814af7d7217ce3c6607f6b336f4ec5d1f9e7cad4cd5441418c33420fb
8175d3e8d96680130d607c1b4397883626f205bfe875ee2664ee71f8ccc9788e
8194879389d71ea1e04b4230670039702b9eb79e7296f21d0a0d6fc6a8eadd19
82058dc4365b2361a3e52046e42ab931f6412de09d8588853b1a8ec06e4db0f1
82b926c1f9c54bf92d5669b3414d1ac9c014ab288a36fffa1b4c5dda90fcb252
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c5190536a91c27cb47ff9d671f0e992cd9328ed13913920653a9c65140d580
83cc38b4325ee10e8f336804b60045e5af897b96ddec743bd068bb08cc82dec1
84f5514063ca13ff102752bcb8fc04b0a735e5251d40ea2486aa48d8fedb8bfe
86deeae6d89048547f18a4f002aabbe2204473f0116bf4b222eed7108459d8c9
86e9d9ba5e4437ffe327fa4322ee1a197909ac1059a0fe423605085d4bf9757b
87afb83349697405684a75a896da9ad767ec869aeb963534d8fb873b53e740d6
887f9a06c248d31c5637b53a68fa61a81392f67f137e0c93fa33e7dca3ee2aad
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8e4a10cf0d2bcc29443c1da808fc7f1c4496c926f75540bad8df81a63b5a8075
8efd69904f94cc23cd40d0f66b4460f7db4941f5194ed468e580b297bd45a1d0
8f53c90048508f2e96d6b662f67108e09151bf7915f23136e4abdaccdc044ab1
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
955d29d5e5633ad8f210695a518f44aae6536f1f30f86cf867ca0884d6096b3e
95fce0690ae2dbb70621af1fffb3124901327bddffb4b5155d4afdd0941ed0ec
985b3bd8d51c73637e709cc2fea41c7dfcfc8e47f6ab86b870ae437c5ee7bfae
98cf8f15556eee834006eb76d9c738f323e974f60826f561e61596295924c27c
993b6c12ec96c3b5ed2b09656c8d6299c508bcbc43449a8540f0104f2473eeea
9ce48d6b7c8313e12de429117a9624e8f9118371448c624428766d644d02531d
9d0c7ae658ba4a4b4b6bee25bd2aceb568f360d908191ffb8b21a78e842c1d71
9d42c1fa5fdf34c3db775c4651d5a0da397572c7f1e64cc40f55cb5fbd5a8a80
9fab174f5f557a25dc9a4d9f5364b533b2d318315499624e8eeaa6a6df923c7c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1f8830bf12c161fff76ea8052efecbe1e35a118f80e8492a0e9bcb765e1c5e4
a58dd01dabadcaafbdf03f08043b4bfe1452f92df24965c67fc56bd9a2a2476f
a7b3207bde2337d74fb51f934d5095994220c069871b9c31710cd2deb19c6b2c
ac5eb4cdef1d6d61e78a8d3b93d76af4e096e531acad963524381cdc7cd6e0f3
ac67c4c64459f243337fd1acd0f9f5884407755db33357382446eccff49080ef
ad7dc92c1e359b82dcd87cd092d5c5834758b14c2ab2da37d7a0de283162de8c
aefda0fee5ccba9754340d41530c2e53faa34193e22f4dfebbfeb09afb94d285
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4
b0a271e9bf20beeb1bf186cdac85aa48670a6b3aa7aacc532ebe8d8508460c81
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28c3181c149b11260684c4f1fab1f5e3c0e287313f09c2c8ca28aa9ae4ab9b1
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
ba215ba34df598608a897a1378c5c68d337ae0b7cc5d3dd6aff569c5c2779826
bbf94573ab4042a3d9dc7cd1e572a7007902b45bbbca21f724c11ac2880dc522
bc2148001231389027e92c57562845eba33107cadc6326c972ac39286a495eb5
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd5786129d28964994b639cb3bab970479813fc5f60c6281ba6e55098477f5e6
bd9ab680aebbd06ad016602f3b19b49fa8f2bf2af02de06d787b4faff9bbcea6
bdea190def121b120d21d78727b0f1691bf0d5f62f25999a3ec79d3b7393fa9d
be98179f98447bfeac41cf131fe1864dd9b6fa617ecf4174e4de687ce0ecbd66
c065e8efaf193e3483ea71028cba2ec582a48b30441c16e860ac118cf46b984c
c44101b466c122e6a5b0d49a20ff71202dbad674e325934707ceb1170161b18e
c54b4f2646be8a0cd7aeb5db1c6d43ac798de663e034576ce6cf1195da1161dc
c61902f54255238f30b59f46a3687e46ccdd93a945b9f106a5f4dfdaccc623cd
c7b049c145ebb1fa294c4e99795b1f92876a8c589ad071c735a757cc689ee2ea
ca60827de2feb898974e4c13fe6fd8ed28d4cce36e0088c52d22da575a656232
ca9acac3c075544d062e208056d13b92ae000acca7eda382f75371f31b2d40b1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd9762aa8a69456cd0112d3b546da6ae49ce29fe2d2e356b6cc70c1b618c196d
ce43d2dd0428e227f36dd0c5eb187a1e20698c13a3812304980a0415838de739
cfb3293d673bb50cc97011033c5c0dc0867d584775c56141ccd59d12e036609b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1698cd130c6df5ca320526301408bb5363c7c44400d85a2b754e9ce563dec87
d182d979a9dc266976bd041bbd75775b78e912f0d9189b9bc88b9386c906cd2d
d290e69efca60b326720ab2ed0cb527f993c0cb829c0f8ad08d72a37dde79173
d2cac5f55d8f1e96424c5fc6755ba87d861ffafc203e20ee74141796f40bcfb1
d320abff84a83c6ca3c7b51794f191fddef49b21f6d31c419a5c6894b48738dd
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d636a38c08819fa227d1550a4913222cbe831a630c3bbda636c3d9df616205ff
d7e1852e847464aa848dff2855855f2581f7e8e0acba9772af1f2d2043f9a6e0
d8438cb183dcb1f77f6587be9aec5c05703ba7b43d1e8aa0f495a7900a92b059
da50891ffc42d4c1579660f8495c39f0120342c869a96f7fa265333e131745d0
da7d1400a01f1224f773622dddab334811d516da76ee8f3a7af251256ea1a4a6
dae0172585ae1755d6534a5d3e1ec6a7425ea5522ebd469f7d24870228a8f6c6
db29df1f693889c5ab0d4225662da6132faf8d751b1869d30a61dd90aca58929
dc16ec384cc392785a2eb03ac9b8ff457ea4d589961b9a88cda45ac4ef33e543
dd0fed3d349fbafb1f9ba565a67a860dee8e268e599880333055b63eba004a51
dda2ee0543cd884ab7f845e212f7d54327b14a9d9712c81d73f8ec09d1408b1a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debf4f2b0c5d2502f55776ae021dcf79feb8ed1d57b0639b4c7bab25a0bea40e
ded6a3259d8c654ea31dc56d496a7dd929cd07e4efa8c296d1861ec2fed8d464
df0a57738fc76a17236d3284bb8f925b53f3a1f0587820fa4126d4b6d8de6708
df9f906b4588b1aaeac2e8bb04af7e2696ede5b1954d364a6737f7ecfa66b22d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e1ce3007dc21d7005506780d41e15e967c606030af5e8cf4a0e06af55c5ff892
e2618c8c103f14a7a5a25557d493d1a49232c36c1c660ac6719060683ecd64e0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57d8e0364ad79bfbb6a6be04daffce50e1d3da92b7ab3427b97952b36ab7d98
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e66077ac683aae40f095833c910c1e8a9079c3791f7a7d0971770b3264f1ffdf
e76006fe2391b414b793aa4c56ea9f0525ce51876a549fb2c7978351a950fdfe
e9e05cd85d3088530453443f83b7258a668d25ca53d5555db0fab38ba6cb154c
eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec34461ac4b673094c6d2a0e25b29afc51e7c7c80a381149f71fdd486a2dacf4
edaaffb403fc27b48b387a23a96224a3b248c05251d4e03423b5341cb5f224a5
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef079198fc55d2a6c7af73ce28711b2120c035c8c7127b47c98e17abbf38e2e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033f222eaeed2dc11f30085369a50520319ce43dce72ccf4b23ee2cbb91c2c5
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1d5aa44461f13674c3f9e64b07ce300222d9ecc5a4122d213fd7cf02147dd0e
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f478e799d2f730eb8ad32de112b72fc22e491e2b94b93bba217bab36db064921
f59c29dcbeedeedda1ac4140ffed3888cbaf7710e070b6347080f1580e7bc1b8
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6ae29380f8c0aae61d904fa03b2eca1a0d9b9b8ecab854241df97328a849197
f76b82531d0e3192e2cb563d29238a96f4447383d5eafbd17b682ac4fdad9d82
f811a3b9f60ff1304c515d66553ecb4e6924fc687a56b4eb92fc60a5d9d5363f
f9c865e712ce40152db97bb5d9004b21d6c51783ffb3daa73d632f4622027e77
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8
fffb21aa63c9893df68b0a208972a23167c4391b9185cf5f673262dc8de9350a

ultrasurfing.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

414 Requests

96 %HTTPS

32 %IPv6

43 Domains

82 Subdomains

65 IPs

12 Countries

8642 kBTransfer

21108 kBSize

38 Cookies

40 Outgoing links

Page URL History

Redirected requests

414 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ultrasurfing.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

414
Requests

96 %
HTTPS

32 %
IPv6

43
Domains

82
Subdomains

65
IPs

12
Countries

8642 kB
Transfer

21108 kB
Size

38
Cookies

414 HTTP transactions
17 data transactions