ultrasurfing.com Open in urlscan Pro
2606:4700:e6::ac40:c416 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ultrasurfing.com/
Submission: On December 19 via api (December 19th 2022, 7:13:27 am UTC) from IE — Scanned from DE

Summary HTTP 332 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 87 IPs in 9 countries across 53 domains to perform 332 HTTP transactions. The main IP is 2606:4700:e6::ac40:c416, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 298303.

This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:e6:... 2606:4700:e6::ac40:c416	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	8.249.61.243 8.249.61.243	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:17e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
69	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
6	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	3.124.138.149 3.124.138.149	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	34.242.189.52 34.242.189.52	16509 (AMAZON-02) (AMAZON-02)
6 10	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
1	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	52.204.6.175 52.204.6.175	14618 (AMAZON-AES) (AMAZON-AES)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.65.162.40 3.65.162.40	16509 (AMAZON-02) (AMAZON-02)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	13.32.10.16 13.32.10.16	16509 (AMAZON-02) (AMAZON-02)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.206.210.112 23.206.210.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.86.240.21 99.86.240.21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.214.61.187 52.214.61.187	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::31d2	16276 (OVH) (OVH)
2	2a02:26f0:350... 2a02:26f0:3500:1c::1724:a36c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.225.232.73 3.225.232.73	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	3.232.42.112 3.232.42.112	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	172.64.175.31 172.64.175.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.84.206.23 54.84.206.23	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	54.203.48.28 54.203.48.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	54.197.177.246 54.197.177.246	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.86.43 65.9.86.43	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
10 15	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	18.157.51.177 18.157.51.177	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:d::1732:83c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:4011:5737:3af2:29df	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
332	87

16 2606:4700:e6::ac40:c416 (United States)

ASN13335 (CLOUDFLARENET, US)

ultrasurfing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.249.61.243 (United States)

ASN3356 (LEVEL3, US)

cdn.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:17e (United States)

ASN13335 (CLOUDFLARENET, US)

increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.138.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-138-149.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.189.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-189-52.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.211.84 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.6.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-6-175.compute-1.amazonaws.com

brightcombid.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.162.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-162-40.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.10.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-10-16.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-21.vie50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.61.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-61-187.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:1c::1724:a36c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.232.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-232-73.compute-1.amazonaws.com

servt.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.42.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-42-112.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.175.31 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.84.206.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-206-23.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.48.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-48-28.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.177.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-177-246.compute-1.amazonaws.com

serv.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-43.ams1.r.cloudfront.net

d24zb9qreavi2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.51.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-51-177.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:4011:5737:3af2:29df (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 937 trc.taboola.com — Cisco Umbrella Rank: 664 vidstat.taboola.com — Cisco Umbrella Rank: 2797 am-trc-events.taboola.com — Cisco Umbrella Rank: 16662 images.taboola.com — Cisco Umbrella Rank: 1571 imprammp.taboola.com — Cisco Umbrella Rank: 13650 am-match.taboola.com — Cisco Umbrella Rank: 13378 am-vid-events.taboola.com — Cisco Umbrella Rank: 13073 sync-t1.taboola.com — Cisco Umbrella Rank: 1183 pips.taboola.com — Cisco Umbrella Rank: 1498 cds.taboola.com — Cisco Umbrella Rank: 1559	4 MB
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	328 KB
34	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297 ad.doubleclick.net — Cisco Umbrella Rank: 161	297 KB
16	ultrasurfing.com ultrasurfing.com — Cisco Umbrella Rank: 298303	148 KB
15	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912 s.amazon-adsystem.com — Cisco Umbrella Rank: 273	148 KB
14	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 462 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894 eus.rubiconproject.com — Cisco Umbrella Rank: 529 pixel.rubiconproject.com — Cisco Umbrella Rank: 309 token.rubiconproject.com — Cisco Umbrella Rank: 563	16 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	10 KB
12	vidcrunch.com cdn.vidcrunch.com — Cisco Umbrella Rank: 48593 servt.vidcrunch.com — Cisco Umbrella Rank: 56559 serv.vidcrunch.com — Cisco Umbrella Rank: 103987	3 MB
11	google.com cse.google.com — Cisco Umbrella Rank: 2978 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 436 adservice.google.com — Cisco Umbrella Rank: 72	172 KB
10	adnxs.com prebid.adnxs.com Failed ib.adnxs.com — Cisco Umbrella Rank: 210	11 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	301 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 446 rtb0.doubleverify.com — Cisco Umbrella Rank: 669 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 14657	44 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	460 KB
7	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	1 KB
6	adform.net track.adform.net — Cisco Umbrella Rank: 3419 s1.adform.net — Cisco Umbrella Rank: 7623	39 KB
5	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 8862 track1.avplayer.com — Cisco Umbrella Rank: 10004	217 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 562	3 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835	1 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 958 id5-sync.com — Cisco Umbrella Rank: 413	19 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	793 B
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1838	191 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332	1 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4234 a.ad.gt — Cisco Umbrella Rank: 3631	4 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1230 bcp.crwdcntrl.net — Cisco Umbrella Rank: 881 id.crwdcntrl.net — Cisco Umbrella Rank: 1446	10 KB
2	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3279	365 B
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 10374	3 KB
2	getrockerbox.com metrics.getrockerbox.com — Cisco Umbrella Rank: 4647	982 B
2	google.de www.google.de — Cisco Umbrella Rank: 6041 adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
2	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 21 imasdk.googleapis.com — Cisco Umbrella Rank: 405	125 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1377 at.teads.tv — Cisco Umbrella Rank: 4867	4 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	113 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 367	708 B
1	cloudfront.net d24zb9qreavi2u.cloudfront.net	427 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2433	313 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 2050	250 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 3170	11 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1200	17 KB
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 510	4 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1148	1 KB
1	marphezis.com brightcombid.marphezis.com — Cisco Umbrella Rank: 9709	98 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5944	1 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 858	275 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 581	403 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1334	163 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 629	225 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 690	363 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 871	240 B
1	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 115	451 B
1	hbwrapper.com cat.hbwrapper.com — Cisco Umbrella Rank: 15276	260 B
1	increaserev.com increaserev.com — Cisco Umbrella Rank: 89789	151 KB
0	rlcdn.com Failed api.rlcdn.com Failed
332	53

	Domain	Requested by
52	images.taboola.com
31	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net pagead2.googlesyndication.com www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net pagead2.googlesyndication.com
16	cdn.taboola.com	ultrasurfing.com cdn.taboola.com
16	ultrasurfing.com	ultrasurfing.com
15	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	ib.adnxs.com	6 redirects increaserev.com googleads.g.doubleclick.net
9	www.googletagservices.com	dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
8	cdn.vidcrunch.com	ultrasurfing.com
7	s0.2mdn.net	ultrasurfing.com s0.2mdn.net dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com ad.doubleclick.net
7	www.google.com	cse.google.com www.google.com tpc.googlesyndication.com
7	c.amazon-adsystem.com	increaserev.com c.amazon-adsystem.com player.aniview.com
6	googleads4.g.doubleclick.net	ultrasurfing.com ad.doubleclick.net
6	googleads.g.doubleclick.net	dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com ultrasurfing.com
6	c2shb.pubgw.yahoo.com	increaserev.com
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com
4	sync.search.spotxchange.com	4 redirects
4	track.adform.net	dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com s1.adform.net
4	dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	trc.taboola.com	cdn.taboola.com
4	securepubads.g.doubleclick.net	increaserev.com securepubads.g.doubleclick.net
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	player.aniview.com	player.avplayer.com player.aniview.com
3	track1.avplayer.com
3	am-trc-events.taboola.com
3	id5-sync.com	increaserev.com cdn.id5-sync.com
3	servt.vidcrunch.com	player.aniview.com
3	fastlane.rubiconproject.com	increaserev.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ad.doubleclick.net	www.googletagservices.com
2	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	s1.adform.net	track.adform.net
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
2	m.exactag.com	dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
2	metrics.getrockerbox.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	player.avplayer.com	cdn.vidcrunch.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com increaserev.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sb.scorecardresearch.com	cdn.taboola.com
2	www.googletagmanager.com	ultrasurfing.com
2	cse.google.com	ultrasurfing.com www.google.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	prebid-server.rubiconproject.com	player.aniview.com
1	d24zb9qreavi2u.cloudfront.net
1	am-vid-events.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	serv.vidcrunch.com	player.aniview.com
1	imasdk.googleapis.com	player.aniview.com
1	a.ad.gt	cdn.hadronid.net
1	vidstat.taboola.com	cdn.taboola.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	id.crwdcntrl.net	increaserev.com
1	idx.liadm.com	increaserev.com
1	lexicon.33across.com	increaserev.com
1	www.google.de
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com
1	www.googleapis.com
1	cdn.id5-sync.com
1	cdn.hadronid.net	ultrasurfing.com
1	tags.crwdcntrl.net	ultrasurfing.com
1	secure.cdn.fastclick.net	ultrasurfing.com
1	at.teads.tv	a.teads.tv
1	tlx.3lift.com	increaserev.com
1	prebid.media.net	increaserev.com
1	brightcombid.marphezis.com	increaserev.com
1	ghb.adtelligent.com	increaserev.com
1	prebid.a-mo.net	increaserev.com
1	ap.lijit.com	increaserev.com
1	tag.1rx.io	increaserev.com
1	ads.yieldmo.com	increaserev.com
1	onetag-sys.com	increaserev.com
1	grid.bidswitch.net	increaserev.com
1	a.teads.tv	increaserev.com
1	cloudflare.com	increaserev.com
1	cat.hbwrapper.com	increaserev.com
1	increaserev.com	ultrasurfing.com
0	api.rlcdn.com Failed	increaserev.com
0	prebid.adnxs.com Failed	increaserev.com
332	97

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
chrome.google.com
ultrasurf.us
vidcrunch.com
www.weightwatchers.com
popup.taboola.com
rogiestemelugin.com
www.mdm.de
www.aroundhome.de
www.qfindnow.com
www.baseattackforce.com
server.adform.net
trc.taboola.com
www.autozeitung.de
www.bereit-zu-reisen.de
ad.doubleclick.net
www.meningitis-bewegt.de
usagco.org
trk.nsoftrack.com
www.freenet.de
www.miele.de
track.cleantrk.click
shefence-citional.com
www.hoeren-heute.de
fragebogen.geers.de
panzer.quest
www.impfen.de

Subject Issuer	Validity	Valid
*.vidcrunch.com Go Daddy Secure Certificate Authority - G2	`2022-03-16` - `2023-03-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cat.hbwrapper.com R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2022-12-11` - `2023-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.a-mo.net R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
marphezis.com Amazon	`2022-10-30` - `2023-11-28`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2022-12-14` - `2023-03-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
outstreamedia.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: B5D2AFD218D438824A444C5BAB2CB22D
Requests: 189 HTTP requests in this frame

Frame: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B7B3C858C8CF4966775A4E3386822B5
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Frame ID: 9B64DAEFE14DCE7A0B7F353C3168EAA0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9842ACD17E3A4738CEBDEE844DBDAF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DD50187D57444A3396C471B28A23FBC
Requests: 2 HTTP requests in this frame

Frame: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12B207C948E2EB4152BE48E243B0B9A7
Requests: 20 HTTP requests in this frame

Frame: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9A56241E65C1FEADBF42580BE55EB1C
Requests: 14 HTTP requests in this frame

Frame: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD058DABA4DD617239A445C0601EC57B
Requests: 27 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&cmcv=&pix=undefined&cb=1671434001222&uv=3245&tms=1671434001222&abt=id5mc_vA!Noappq22_vD!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b6c03918-7fce-4804-9a26-0d63e1ca8a47&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E04020E0A0EEFE84CFE9AA0B51D5AD18
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7B85ADB813B3EC84294A923B0F2D9C69
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYi5uS3AEwAQ&v=APEucNXwBJiDeWQPhloZz9MMlhGEkZI5Ejwyf5_BE-qhZwDl8VGJ7QLYW3YSneSlnedxe9-a2BlQRneRR9MGmOSRevbiQr98_Sw9LhYmzIr5TmDbUC7Pr75TqWIjBexJKboGSuMyvWyEqmNjRFw6FueWt4m5mxwX_czUsCsnp6yHcZzE2NK0YRBG9G2I3rr-BQmuFamfAJZzlMaWnmRVuQOBO6FtGtIvoQ
Frame ID: BDA2C30D5A6C38DF3278E100D6610352
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY-uWz3AEwAQ&v=APEucNVybArU7fe1G7t9PFNZNXIlnQcRXd0Wmn_BreX4T1Zb6zlHLXwNt1RK4BzuikuClCf058grzJDnxTjPkgLRtwVzCrzyUab1SRkLP9OPXZ3FV69YtCQzwbtesB6Btbf3mxaQQjA3taus78U-XyPVSaplVbGS5e-J7BkL33y-vjVAKHVgf7fwbV1vaBgkib9d_4e0CM698U0I3tYWrwxXTt1sl8ytBg
Frame ID: C19CC51B1642399CF93ED48DD73ECE97
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYvcSW3AEwAQ&v=APEucNXTBm-rzR6qNNbvw6rpfd7DniRIfLDWyel4s3-g7w_nZBIENiuGdMrZNNqLxqVK-n6M3b3kh18loyoQH0p0EjdhFekqZuKlS6lGWm5o3Ky9_Ej5MedNHVPFu-rZC9ZV9U8NzlBsx9PO1LHWWV69nHoSt5aCpH_miTuPYIrgRTtIg6wdEw_6dV3cxLE-mT-bUFkzDaME2-uyugQ6azLVYpLZPPADQA
Frame ID: ACCB80AEA5BBD63F9293AF76B7D45FD5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4863E9048B9EAF4AB416EA77F402EEFE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2554C8DE664D09F88CDA4F075D26D656
Requests: 3 HTTP requests in this frame

Frame: http://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: B65457765A39714AEFED54F04A23C138
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 974976DF395966F3C2623A640B1EE634
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6445552857688266089/index.html
Frame ID: 3E1F7CA88EE588DA6C92FFE823060CA2
Requests: 15 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=92.271;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3395800992;ord=2mx02a;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=40;prcl=s
Frame ID: BF00E955436A6EFE63358314E579861A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DEFAC71AE7A93A18410959974FC28BD1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 277E105531DF03FF5DAA43CC0A6F77DC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: F42A1CBBEA97F7916A8BCE59503F7C33
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7417F1411619E7FD8217E81FEF451299
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ultrasurfing.com/ suchen

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

332
Requests

83 %
HTTPS

40 %
IPv6

53
Domains

97
Subdomains

87
IPs

9
Countries

10123 kB
Transfer

15811 kB
Size

37
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/ultrasurf-vpn/id1563051300
Title: Ultrasurf iOS VPN

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.ultrasurf.mobile.ultrasurf
Title: Ultrasurf Android VPN

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/ultrasurf-security-privac/mjnbclmflcpookeapghfhapeffmpodij
Title: Ultrasurf Chrome Extenstion

Search URL Search Domain Scan URL

URL: https://ultrasurf.us/download/usf.exe
Title: Ultrasurf Windows Client

Search URL Search Domain Scan URL

URL: https://vidcrunch.com/

Search URL Search Domain Scan URL

URL: https://www.weightwatchers.com/de/ww-programm-angebote?utm_medium=display_performance&utm_source=taboola_network&utm_campaign=22_fall&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDWr1IogLLd8KSvnZPvAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDWr1IogLLd8KSvnZPvAQ
Title: WeightWatchers

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-b-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://rogiestemelugin.com/5861e86f-c0ab-4988-b212-f5cdf2ef8cce?site=ultrasurf-ultrasurf&site_id=1110515&title=Zuschuss+Treppenlift%3A+Diesen+Trick+kennt+noch+niemand&platform=Desktop&campaign_id=17653734&campaign_item_id=3593343047&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fdb12c5ab7329ee7bcb5ce3434a256667.png&click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDdzU0oy4vHkqKLtsPaAQ&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDdzU0oy4vHkqKLtsPaAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDdzU0oy4vHkqKLtsPaAQ
Title: Treppenlift-Hauslift.de

Search URL Search Domain Scan URL

URL: https://www.mdm.de/dop?sku=24043/004&wk=2071660&campaign=Dis/taboola/sk/2071660&utm_source=taboola&utm_medium=display&utm_campaign=sk&utm_source=taboola&utm_medium=referral#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDBrUYosu-ymJH7pNWfAQ
Title: MDM Deutsche Münze

Search URL Search Domain Scan URL

URL: https://www.weightwatchers.com/de/preise?utm_medium=display_performance&utm_source=taboola_network&utm_campaign=22_fall&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDWr1Io4aHrntzKt8kV#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDWr1Io4aHrntzKt8kV
Title: WeightWatchers

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/treppenlift/angebotsvergleich/?creative_name=441_Treppenlift-055_produktfokus_gruen_bc-kw47Aso-guenstig-ab3000&vendor_id=tb&account_id=1074951&campaign_id=1950313&ad_id=3591753509&utm_id=tb_1074951_1950313_3591753509&publisher_id=1110515&click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCHzkEogrPYwL39u8Ur&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCHzkEogrPYwL39u8Ur#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCHzkEogrPYwL39u8Ur
Title: Treppenlift-Vergleich

Search URL Search Domain Scan URL

URL: https://www.qfindnow.com/de/stories?slug=die-5-schlechtesten-su-vs-auf-dem-deutschen-markt&site_id=6764&forceLocale=true&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDGvVoohJq6uMOkwb7zAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDGvVoohJq6uMOkwb7zAQ
Title: Qfindnow.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.baseattackforce.com/?l=de&r=tabbafdec&clickid=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD8gFsovMSTkofBtJq7AQ&utm_source=taboola-ultrasurf-ultrasurf&utm_medium=tabbafdec&utm_term=Du+wirst+deinen+Computer+nie+wieder+ausschalten+wenn+du+vor+1985+geboren+bist.&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD8gFsovMSTkofBtJq7AQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD8gFsovMSTkofBtJq7AQ
Title: Strategiespiel

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/treppenlift/angebotsvergleich/?creative_name=441_Treppenlift-036-055_bc-kw41Atreppenlift-preis-ab-3000&vendor_id=tb&account_id=1074951&campaign_id=1950313&ad_id=3584008732&utm_id=tb_1074951_1950313_3584008732&publisher_id=1110515&click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCHzkEonralnP3_lYBc&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCHzkEonralnP3_lYBc#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCHzkEonralnP3_lYBc
Title: Treppenlift-Vergleich

Search URL Search Domain Scan URL

URL: https://server.adform.net/C/?bn=59722826;C=0;gdpr=$%7Bgdpr%7D;gdpr_consent=$%7Bgdpr_consent_50%7D%22%20target=%22_blank&utm_source=taboola&utm_medium=referral&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDd-Fso8LWb-Z3q_bveAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDd-Fso8LWb-Z3q_bveAQ
Title: Hoover

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=37ddadab556b8a29ae955e20529e7271&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~-3666053476097528739~~9kuqosR_8lof-zFHhyZoPADEOqBXAzeEbp_WPJsLGzHTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLsGerDzOrQbQyEBS_OlLkU_Jcmng3QKfxgN_vgDAQIU9uOqCtMbBwx6RZPJMncJ5I5XDgvgMrUmMj3qvzBNX6o9Nd4leH4FSpZJbeOklqqTPDW2Kuy2R8uPHGeCijVF-_Ix6rhNEiv1xb5Ick-dtHN&pt=home&li=rbox-h2v&sig=f7a001aad3e86af7d167b5c2daa28b12b550da74cb90&redir=https%3A%2F%2Fserver.adform.net%2FC%2F%3Fbn%3D59722826%3BC%3D0%3Bgdpr%3D%24%257Bgdpr%257D%3Bgdpr_consent%3D%24%257Bgdpr_consent_50%257D%2522%2520target%3D%2522_blank%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDd-Fso8LWb-Z3q_bveAQ%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDd-Fso8LWb-Z3q_bveAQ&vi=1671434000187&p=localplanetgermanygmbh-haier-sc&r=64&tvi2=4411&lti=deflated&ppb=CN8B&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMTE4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwiWFBCaHBgYZGMI0gMQ4AYYCGRjCOoqEJ05GAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogBiNnR4AGQARyYAd6y68nSMA&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.autozeitung.de/die-groessten-auto-skandale-107597.html?utm_source=taboola&utm_medium=campaign&utm_campaign=22164610&utm_term=3584575286&utm_content=ultrasurfing.com#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDynlIo0_bk_4Xs-f7wAQ
Title: Autozeitung

Search URL Search Domain Scan URL

URL: https://www.bereit-zu-reisen.de/?utm_source=taboola&utm_medium=cpc&utm_campaign=Twinrix_bereit-zu-reisen&utm_content=Asien-Urlaub+geplant%3F+Wichtige+Reiseimpfungen+im+%C3%9Cberblick.&utm_term=ultrasurf-ultrasurf&cc=de_cpc_oth_np-de-tvx-advt-210001_59608&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCF3Vco7umus_SJooHPAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCF3Vco7umus_SJooHPAQ
Title: Bereit-zu-Reisen.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=f87b531b419fb1e11685df08e751578a&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~-3476854689033046279~~BiIUK9GZ3Pi06TdmhK4CtVde1MdcpKmDAs7jH7QDzrjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLsGerDzOrQbQyEBS_OlLkUU8TZj4-5fWNBf4x-KwJ9GxlXA3zM5isJBEuE1Q7FUb0P0LzMPwe92DIfQ8g8hRPg0ieSSnOA79yJnnehKEveX6JHAiNYq-Z_fYS3bptKkR_yfL777iL7ztyIyFRBngc3&pt=home&li=rbox-h2v&sig=4042fe846e5cf158a8e20c899d995d9e62b016256a06&redir=https%3A%2F%2Fwww.bereit-zu-reisen.de%2F%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_campaign%3DTwinrix_bereit-zu-reisen%26utm_content%3DAsien-Urlaub%2Bgeplant%253F%2BWichtige%2BReiseimpfungen%2Bim%2B%25C3%259Cberblick.%26utm_term%3Dultrasurf-ultrasurf%26cc%3Dde_cpc_oth_np-de-tvx-advt-210001_59608%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCF3Vco7umus_SJooHPAQ%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCF3Vco7umus_SJooHPAQ&vi=1671434000187&p=gskde-twinrixbereit-zu-reisentwinrixsc-sc&r=20&tvi2=4411&lti=deflated&ppb=CIoE&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMTE4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwiWFBCaHBgYZGMI0gMQ4AYYCGRjCOoqEJ05GAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogBiNnR4AGQARyYAd6y68nSMA&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N755990.2621703TABOOLAEUROPELTD./B28852480.351609157;dc_trk_aid=542831275;dc_trk_cid=181406536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?utm_source=taboola&utm_medium=referral&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoqcCo_rW6tJxe#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoqcCo_rW6tJxe
Title: DS

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=7ff84c790be65d984a96fc3b1ae4197b&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~9168402129479320955~~A4QY90q1sZZ4RPq2oJ05Qo30V08wIwaOxoxExz4dG_rTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLsGerDzOrQbQyEBS_OlLkU_Jcmng3QKfxgN_vgDAQIU3bCzGqiQoglucGVo2jbNDpTgs5xtuWCYol7CTy_o-g_9Nd4leH4FSpZJbeOklqqTPDW2Kuy2R8uPHGeCijVF-9cMBMf2Cs-cNBVXt7DEEbr&pt=home&li=rbox-h2v&sig=fcb1407c00974f7878d540bcb15e26e5f44ed64e7c9a&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN755990.2621703TABOOLAEUROPELTD.%2FB28852480.351609157%3Bdc_trk_aid%3D542831275%3Bdc_trk_cid%3D181406536%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoqcCo_rW6tJxe%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoqcCo_rW6tJxe&vi=1671434000187&p=starcomgermanygmbh-dsaftersales-sc&r=47&tvi2=4411&lti=deflated&ppb=CMEH&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMTE4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwiWFBCaHBgYZGMI0gMQ4AYYCGRjCOoqEJ05GAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogBiNnR4AGQARyYAd6y68nSMA&cta=true
Title: Jetzt Buchen

Search URL Search Domain Scan URL

URL: https://www.meningitis-bewegt.de/?utm_source=taboola&utm_medium=cpc&utm_campaign=M-DAC-Leonie&utm_content=Meningokokken-Erkrankungen%3A+Das+Risiko+f%C3%BCr+S%C3%A4uglinge+ist+am+gr%C3%B6%C3%9Ften.&utm_term=ultrasurf-ultrasurf&cc=de_cpc_oth_np-de-mnx-advt-210011_53286&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSClylEo3fyo8b3s3KGTAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSClylEo3fyo8b3s3KGTAQ
Title: meningitis-bewegt.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=eb724152ff7a1b6618081e3179371649&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~-6158925753962428282~~Jh6zjKraqCeb0K28q2RUpT-TyDgekZxqTAVweE6QXqH6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdFcoT0Ljhi6q_7q-4aXBcLjTcElWTfIcUebXRiIA27_wBertETlBDEwEl6ESjeJHrdZ6liuP2LQ8KW3TiKZH2ZVcuC-JLRuzcRmRKC11qEydH63shPGjERd_BrT6M7qbGBBgvcJL4AVd_B8-ZWh3Vbk_xH4OYbohe1vRBIR0H0jpYC4fo_50K0u-o6LNIIUBg4AFaYt1t62-f66Dypdg0Rk1VP4V09-1dw1pnzlto54l&pt=home&li=rbox-h2v&sig=2adecf939892586ccb58777ecd3221574802be960764&redir=https%3A%2F%2Fwww.meningitis-bewegt.de%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_campaign%3DM-DAC-Leonie%26utm_content%3DMeningokokken-Erkrankungen%253A%2BDas%2BRisiko%2Bf%25C3%25BCr%2BS%25C3%25A4uglinge%2Bist%2Bam%2Bgr%25C3%25B6%25C3%259Ften.%26utm_term%3Dultrasurf-ultrasurf%26cc%3Dde_cpc_oth_np-de-mnx-advt-210011_53286%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSClylEo3fyo8b3s3KGTAQ%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSClylEo3fyo8b3s3KGTAQ&vi=1671434000187&p=gskdebexseromeningitisbewegtbexsero&r=62&tvi2=4411&lti=deflated&ppb=COwE&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMTE4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwiWFBCaHBgYZGMI0gMQ4AYYCGRjCOoqEJ05GAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogBiNnR4AGQARyYAd6y68nSMA&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://usagco.org/landing/register-11?lang=de&utm_source=taboola&utm_medium=discovery&utm_campaign=Germany_DSK_V11_+CPA&utm_item_id=3570673613&utm_publisher=ultrasurf-ultrasurf&utm_campaign_id=11581964&utm_tci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCBukMo3brEuvK76t-9AQ&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCBukMo3brEuvK76t-9AQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCBukMo3brEuvK76t-9AQ
Title: USA-Dienste

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N755990.2621703TABOOLAEUROPELTD./B28852480.351609154;dc_trk_aid=542622011;dc_trk_cid=181609175;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?utm_source=taboola&utm_medium=referral&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoyfbSyfOOkOK9AQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoyfbSyfOOkOK9AQ
Title: DS

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=90b98fb8306e8cef9356a0490d8b7e08&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~7698969842182110022~~A4QY90q1sZZ4RPq2oJ05Qo30V08wIwaOxoxExz4dG_rTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLsGerDzOrQbQyEBS_OlLkU_Jcmng3QKfxgN_vgDAQIUw74PAewPVa_H0QSwNVc4A5Tgs5xtuWCYol7CTy_o-g_9Nd4leH4FSpZJbeOklqqTPDW2Kuy2R8uPHGeCijVF-9cMBMf2Cs-cNBVXt7DEEbr&pt=home&li=rbox-h2v&sig=4e742e6bfbabf35bc5c08f3df3140108f0c4609dc082&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN755990.2621703TABOOLAEUROPELTD.%2FB28852480.351609154%3Bdc_trk_aid%3D542622011%3Bdc_trk_cid%3D181609175%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoyfbSyfOOkOK9AQ%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCs3lsoyfbSyfOOkOK9AQ&vi=1671434000187&p=starcomgermanygmbh-dsaftersales-sc&r=43&tvi2=4411&lti=deflated&ppb=CIsC&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMTE4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwiWFBCaHBgYZGMI0gMQ4AYYCGRjCOoqEJ05GAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogBiNnR4AGQARyYAd6y68nSMA&cta=true
Title: Jetzt Buchen

Search URL Search Domain Scan URL

URL: https://trk.nsoftrack.com/19050b94-f702-4ee7-8576-0a25d1c97b8e?site=ultrasurf-ultrasurf&site_id=1110515&thumbnail=https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5bb3dfafa84d1175dd4e2836216c0628.jpg&title=Ein+Spiel%2C+bei+dem+alles+erlaubt+ist&campaign_id=20986391&campaign_item_id=3565216242&timestamp=2022-12-19+07%3A13%3A21&platform=Desktop&click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDG_1koqpituoqquO2dAQ&c_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDG_1koqpituoqquO2dAQ&utm_source=taboola&utm_medium=referral&oct_dec=trk&bnr_id=rls1&costenc=pTTwKlh1_i1CpejArZ8yTwqNzxsdPM5lUoRRBwKjHfk=&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDG_1koqpituoqquO2dAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDG_1koqpituoqquO2dAQ
Title: BuzzDaily Winners

Search URL Search Domain Scan URL

URL: https://www.freenet.de/sport/topnews/nackt-gerucht-um-cl-moderatorin-40441826.html?utm_medium=referral&utm_source=ultrasurf-ultrasurf&utm_campaign=taboola&utm_term=20913617&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCx3Ewo3Jb8ipOJ3bdT#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCx3Ewo3Jb8ipOJ3bdT
Title: freenet.de

Search URL Search Domain Scan URL

URL: https://www.miele.de/c/miele-kaffeevollautomaten-2548.htm?utm_source=other&utm_medium=display&utm_campaign=de11v00_pcdds296_cpp&utm_term=taboola&utm_content=native_ad&utm_source=taboola&utm_medium=referral&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD0wVsowpjpkuDuqZGQAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD0wVsowpjpkuDuqZGQAQ
Title: Miele Kaffeevollautomaten

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=024637d6d80830276e89262ea510f4e2&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~-7980020574923583532~~fQvGyiToGfzC1Rx2p1IPBkARAEHG5NaaK9Etkn4W9ATTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLsGerDzOrQbQyEBS_OlLkU_Jcmng3QKfxgN_vgDAQIU3z20nZgBXPGW7-580FE97DBJ_jV6uyFuzNqcUSNChGocJJtBD1flCzvEq-eQ4b3G_DW2Kuy2R8uPHGeCijVF-_Ix6rhNEiv1xb5Ick-dtHN&pt=home&li=rbox-h2v&sig=9ef984d359830f239cdd42d10c23999fe31169dd8a29&redir=https%3A%2F%2Fwww.miele.de%2Fc%2Fmiele-kaffeevollautomaten-2548.htm%3Futm_source%3Dother%26utm_medium%3Ddisplay%26utm_campaign%3Dde11v00_pcdds296_cpp%26utm_term%3Dtaboola%26utm_content%3Dnative_ad%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD0wVsowpjpkuDuqZGQAQ%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD0wVsowpjpkuDuqZGQAQ&vi=1671434000187&p=pilothamburggmbhcokg-mielekaffee-sc&r=6&tvi2=4411&lti=deflated&ppb=CMoD&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMTE4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwiWFBCaHBgYZGMI0gMQ4AYYCGRjCOoqEJ05GAlkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogBiNnR4AGQARyYAd6y68nSMA&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://track.cleantrk.click/63158f8e-fbdb-413d-8ce4-34e125da3c53?utm_campaign=TB-DieselDE-SCH-002-DT-LP-hl2019&site_id=1110515&title=Neues+Urteil%3A+Sensation+f%C3%BCr+alle+Diesel+mit+Baujahren+zwischen+2011+und+2019&platform=Desktop&campaign_id=22435885&campaign_item_id=3591552058&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F2f87776b3580b772c988979fccc36347.png&site=ultrasurf-ultrasurf&click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCmv1Uop-aNkMysr-IW&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCmv1Uop-aNkMysr-IW#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCmv1Uop-aNkMysr-IW
Title: VerbraucherRitter

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Thumbnails%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/7d579126-4d18-4d00-912f-43f83ac27ee6?utm_source=tb&utm_campaign=de_dk&utm_term=ultrasurf-ultrasurf&utm_content=3591152095&t=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDOplMowePlgPPsmKuoAQ&dt=tb&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDOplMowePlgPPsmKuoAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDOplMowePlgPPsmKuoAQ
Title: NutraFlex Nahrungsergänzungsmittel

Search URL Search Domain Scan URL

URL: https://www.freenet.de/unterhaltung/witze/die-besten-militar-witze-fntdt-40381032.html?utm_medium=referral&utm_source=ultrasurf-ultrasurf&utm_campaign=taboola&utm_term=18434689&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDuuEYo8svtuYCeocsU#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDuuEYo8svtuYCeocsU
Title: freenet.de

Search URL Search Domain Scan URL

URL: https://www.hoeren-heute.de/d/gespraechssituationen/?utm_content=3577862802&utm_publisher_ID=ultrasurf-ultrasurf&mkt_tool_id=9bad33&utm_term=9bad33&act=ACT0000046889ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoe_display_taboola_de_hh_gespraechssituationen_acq_desktop_cw45_audibene-de2-sc_ACT0000046889ACT&utm_creative_ID=3577862802&aud_adcopy=Iserlohn%3A+Was+kaum+jemand+wei%C3%9F%3A+Mit+diesem+Ger%C3%A4t+verbessern+jetzt+tausende+%C3%9C50+ihr+H%C3%B6ren+in+Gruppengespr%C3%A4chen&tbclid=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDrvUIo0oathNfV-8OAAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDrvUIo0oathNfV-8OAAQ
Title: Hören heute

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbnails-1x3:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://fragebogen.geers.de/hoergeraete-testen-sta/?utm_source=taboola&utm_medium=display&utm_campaign=BLUECHIPSTSA_DE_GEE_ACQ_DIS_TAB_DES_STSA01_IMG_NOV5W&utm_content=3586505856&utm_term=ultrasurf-ultrasurf&utm_title=Iserlohn%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCDkFIorPGIoqz2i7G5AQ&_ad_placement=ultrasurf-ultrasurf&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCDkFIorPGIoqz2i7G5AQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCDkFIorPGIoqz2i7G5AQ
Title: GEERS

Search URL Search Domain Scan URL

URL: https://panzer.quest/?r=tabpq1deb&utm_source=taboola&utm_medium=referral&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD8gFsokIz6kJGN2o6eAQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSD8gFsokIz6kJGN2o6eAQ
Title: PanzerQuest

Search URL Search Domain Scan URL

URL: https://www.impfen.de/impfungen/guertelrose-herpes-zoster/?utm_source=taboola&utm_medium=cpc&utm_campaign=Guertelrose_Z-DAC&utm_content=Menschen+%C3%BCber+60+sind+eine+Risikogruppe+f%C3%BCr+G%C3%BCrtelrose.+Sch%C3%BCtzen+Sie+sich.&utm_term=ultrasurf-ultrasurf&cc=de_oth_oth_np-de-hzx-wban-220001_73060&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDvylMoqOzH87i-1ccm#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDvylMoqOzH87i-1ccm
Title: impfen.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=d2964534a494e0ae6c3149b2d4c6e00f&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&it=text&ii=~~V1~~3353548693169467271~~O8Ut5as-Q2jGLc711yIS08cNaIC8LvzDFHVuyvXmeV_TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLsGerDzOrQbQyEBS_OlLkUQZSqpT6ntHyelIF4pN4hCjtNhZyApD4p_8u9-H3Duw3woSLN3hz849oYoDW-QO7itrGXgHuGZuqG6xzC4Sc3S3mTd_Spr5m4kglEllxdQVOmK1MX7MWn34MZy3XlEn0D&pt=home&li=rbox-h2m&sig=659d4b54d9edbb5b62eca6e92f4e530ff4032dff835e&redir=https%3A%2F%2Fwww.impfen.de%2Fimpfungen%2Fguertelrose-herpes-zoster%2F%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_campaign%3DGuertelrose_Z-DAC%26utm_content%3DMenschen%2B%25C3%25BCber%2B60%2Bsind%2Beine%2BRisikogruppe%2Bf%25C3%25BCr%2BG%25C3%25BCrtelrose.%2BSch%25C3%25BCtzen%2BSie%2Bsich.%26utm_term%3Dultrasurf-ultrasurf%26cc%3Dde_oth_oth_np-de-hzx-wban-220001_73060%26tblci%3DGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDvylMoqOzH87i-1ccm%23tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSDvylMoqOzH87i-1ccm&vi=1671434000187&p=gskdeshingrixgrtelroseshingrix-sc&r=51&tvi2=4411&lti=deflated&ppb=CNYG&cpb=EhMyMDIyMTIxNS0xMi1SRUxFQVNFGLrmqMABIJijICoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxMzQ4gLTLyw1Am-MJSIiKEFD3rtkDWKLsEGMI0P__________ARDQ__________8BGDBkYwgfELsiGAJkYwjXFhDVHxgjZGMImCoQuDgYJGRjCNMzEKdGGDZkYwjSAxDgBhgIZGMIlhQQmhwYGGRjCOoqEJ05GAlkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogBiNnR4AGQARyYAduu68nSMA&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://fragebogen.geers.de/hoergeraete-testen-sta/?utm_source=taboola&utm_medium=display&utm_campaign=BLUECHIPSTSA_DE_GEE_ACQ_DIS_TAB_DES_STSA01_IMG_NOV5W&utm_content=3586505856&utm_term=ultrasurf-ultrasurf&utm_title=Iserlohn%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCDkFIoqsaW-cLz-Mr9AQ&_ad_placement=ultrasurf-ultrasurf&tblci=GiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCDkFIoqsaW-cLz-Mr9AQ#tblciGiCyfvRTWBGuMXhAy3ElbnYumnRyAoKKi_DLEn_1weKOMSCDkFIoqsaW-cLz-Mr9AQ
Title: GEERS

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 84

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=QX0aQXx3MFVlT3JFYkphTCtQSmNoRi9wblFXWWtzZm1jTGhvOXl4dUo0L1JIdkliS2lTeU02em9IN2orUzc4alVkNDJOc3NzbGZicUREaEJIekc2Vkh2dHo1RzVBK29sYzRWR2VBQkt2TmlUSGdTeVFCTm1adTBha2d6Y0dkS0d0NmN4OGNLdStUaXE5aDk5VDdWczdHamMrb0ZOdm4rQnBiRXdJTkRyaFB5cTZzSTB5N1pRTFBvQWphQVVYUFc0R1p4djkxQWRKV0hoQlhNbUVsSTdOK0NybVpWSURtSVkzZ2wrSGs4RUZPam1semNVSStQY0ZwUUtEN3FBSjFuazFMbStTfA&cppv=2

Request Chain 193

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=9ec302af-7f6c-11ed-90a3-1d03a5b20306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&

Request Chain 211

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=9ec205a5-7f6c-11ed-8f43-13ae17dc0206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

Request Chain 220

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6APEZ8I5NEX4Jma3PUcFQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

Request Chain 222

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

Request Chain 227

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6APEZ8I5NEX4Jma3PUcFQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

Request Chain 229

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

Request Chain 231

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6APEZ8I5NEX4Jma3PUcFQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

Request Chain 233

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MjA1Nzk1NDExODAwODY0MQ%3D%3D

Request Chain 332

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENnTcsemRTAImRBuHSFU7hs&google_cver=1

Request Chain 333

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0Yz1TSwMTdKfrD9Iyk-iqg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Yz1TSwMTdKfrD9Iyk-iqg

Request Chain 334

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJVR05DTFktRC00NDAy

Request Chain 335

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/PE8oDPfuyQ6KXSXouxQ6lw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-grcnUZNE2oK6wbH_fPqe0M8lxGazNaEyQLgjNg--~A

Request Chain 336

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBUGNCLY-D-4402

Request Chain 337

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGUwNGIzYTA0M2Y3NzVmNGQ1YmRmZTM2OGUzYzM2OGY4ODYzOWRiYw

Request Chain 339

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wGQMQNCMQA-zDCPuUc7AZQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wGQMQNCMQA-zDCPuUc7AZQ

332 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ultrasurfing.com/ 10 KB
4 KB 360ms
327ms Document
text/html 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ccd5e5b287ba30252aaebc8baca76dc649a9e85f78564d3c429c3e6fcdefbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 77be55bf3aae91e9-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 07:13:19 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YC3%2BLozwW0kHABbii4Uia58%2BlJFHsZw5S7IzMSADFzmQWiOIUusblS54JeEHy0abjtvdJMAeYyiqsohTieVofLY5%2F7oto7Rgr%2FPTCJ6MCUIIJfLxG7Y%2BclvKU8%2FhVdhwQBDo6Jv15h9zB0OP4ik4"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK reset.css
ultrasurfing.com/css/ 773 B
1 KB 317ms
317ms Stylesheet
text/css 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/css/reset.css
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: origSize=1050
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: W/"5f9a61f5-41a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMqSZIXN58MkQoCsqXlt%2B9cdYfKlFJO70oecmGhBLnhqmnISRmqFWG06JuhHaQfc5YKBBBhc%2BZ72ickfe4X1AK8N0b6lRsCkXesXLvHB5rT1CZTKjxICGFMJtzN%2Fsutix82CLoHMZvMtGxh54wNh"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
CF-RAY: 77be55c14e6891e9-FRA

GET
H/1.1 200
OK style6.css
ultrasurfing.com/css/ 11 KB
4 KB 59ms
41ms Stylesheet
text/css 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/css/style6.css
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 333
Cf-Polished: origSize=19201
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Mon, 20 Dec 2021 04:00:21 GMT
Server: cloudflare
ETag: W/"61bfffd5-4b01"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yspG2m9nEYb%2BUS3c9kWeoAXJSbD4mSU8ibhxf31nUphObp0hI6DzhBqTGtFQfaBk3Q5n8NWfpsGoP5fsfIthUYNagHAqxOR5HCh2VVrPz7xpu%2FUyEuFVYvNxB%2FzcbZjyds%2BzFQkcs7mKa1xBpAXH"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
CF-RAY: 77be55c168109bfe-FRA

GET
H/1.1 200
OK abb41fb6_photo0_610.jpg
ultrasurfing.com/images/ 61 KB
62 KB 53ms
34ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/abb41fb6_photo0_610.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c5f4caa1f2373533b0175a1a350c4a6e4ccb14918f40b7b66b7a82a38c6169

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 11069
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 62215
Cf-Bgj: h2pri
Last-Modified: Mon, 19 Dec 2022 04:06:01 GMT
Server: cloudflare
ETag: "639fe329-f307"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfVsuHylM4BVqIpOYyd5ZVNCEUiLqfGPOiQRLFwdJ0uqxX0DVnERt8agPMiRBStSm%2B1vdkDCn0vhzG9hfvvBY05buMfdR1xKUbZF0J0rkM%2B0UrMCucpYW77gUiYp0iVJfeEKMtrMBB3cLPwDCzO3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c17d999c04-FRA
Expires: Tue, 19 Dec 2023 04:08:52 GMT

GET
H/1.1 200
OK 8451b362_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 57ms
38ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/8451b362_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a906aa21f5269921b2c943fe3aae8df0fdf84d28732be908ac2f60a1073f59e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 39069
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7169
Cf-Bgj: h2pri
Last-Modified: Fri, 16 Dec 2022 16:45:05 GMT
Server: cloudflare
ETag: "639ca091-1c01"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZqw9srBcApsiRV7ZT6NwE6eGVyoZzYyNvgLwS%2BVazQ%2FDdJa6Ne5D1kbbxl0Er2RuR7KoUfLtxg%2Bm6%2BrDrJXpAiM0Zr3r72omOnzUlME%2Fp5m%2BsGUTwSUCbLih1FC0HGtZ%2BJCZsbtRSVw%2BhZwZEnt"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c17fb990d4-FRA
Expires: Mon, 18 Dec 2023 20:22:12 GMT

GET
H/1.1 200
OK 1976045a_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 57ms
37ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/1976045a_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a7d4372f1bb14b09f74270900b28cd66dc47063972792815a415f14b2208da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 134
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7530
Cf-Bgj: h2pri
Last-Modified: Mon, 19 Dec 2022 07:09:06 GMT
Server: cloudflare
ETag: "63a00e12-1d6a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80qN6WBY6%2BsMe197TrPwPg0%2FsxoBZfjlgCyyrs%2BSFjNy%2BmrKnlM3%2FOZCN9kxoebNfRWJukpi0p%2FY5ifjucQ29%2BsOY4bqO8ncVWrv05aF%2BGB0CoUS5AdFLyXyz3eMwYM96S%2BRluRmnFhqLxe1H7RF"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c18a0b928d-FRA
Expires: Tue, 19 Dec 2023 07:11:08 GMT

GET
H/1.1 200
OK abb41fb6_photo0_190.jpg
ultrasurfing.com/images/ 9 KB
10 KB 49ms
29ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/abb41fb6_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d09f79c5a2899a350481f8ba13c0a8a6e4b16553ca7a834fa5d180b29255ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 11069
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9220
Cf-Bgj: h2pri
Last-Modified: Mon, 19 Dec 2022 04:06:01 GMT
Server: cloudflare
ETag: "639fe329-2404"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5UUOZWaKYiNbx%2BxDfq2wJGT8jbkXtQOpNQMN%2FM%2FaBSyUEf0HBNB28mZ8P%2BNWXaf3WnKjFf8rt3N04lpq1R1YUZmwnB%2BZ6szOkawbWLpnCInGVI8LlOjGCi5LHP88owXY3PWht5nbFK2znGjsiqP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c188a39183-FRA
Expires: Tue, 19 Dec 2023 04:08:52 GMT

GET
H/1.1 200
OK 3f2cd046_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
7 KB 27ms
26ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/3f2cd046_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eca8bda9d0ae48b996ae9548565ab232944efdfb978e145b03f00ad47ec5b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 39074
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6770
Cf-Bgj: h2pri
Last-Modified: Sun, 18 Dec 2022 20:21:05 GMT
Server: cloudflare
ETag: "639f7631-1a72"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CjcGEOSqE2iRd6bNVBhiIJlr%2FlvrCneenevGO3R591QwUqnQAhskCB3Fp9MbbCvjLYhZabdhR9XNj%2FmWQiF3bdaM387ExJfD4rEp7SqLqA5cMvz9Jod7Qb2P%2BJbr6%2Bnaz5v0jd7TRKU%2BNN9nRop"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c1a8849bfe-FRA
Expires: Mon, 18 Dec 2023 20:22:07 GMT

GET
H/1.1 200
OK d7ef53c7_photo0_190.jpg
ultrasurfing.com/images/ 3 KB
4 KB 29ms
29ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/d7ef53c7_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f9dc29988b271893a22c1811c7ed2d11187bb817da30bc3d4c17b6994340e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 50880
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3548
Cf-Bgj: h2pri
Last-Modified: Sun, 18 Dec 2022 17:03:03 GMT
Server: cloudflare
ETag: "639f47c7-ddc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtVnmTBPjFZPj2b8RcVkpr%2FPAbWnZut5QrTMJ%2FRmtROZ97pirSQmNZrQEqkFAR9pGO98Ty%2FelEwClhrs1yryhik4wkawuALEWwsPIvq4%2FR0gZYfoLFVhvBGDkbErtI2QNl4afm56r7vyuh4bk9S3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c1b8f49183-FRA
Expires: Mon, 18 Dec 2023 17:05:20 GMT

GET
H/1.1 200
OK 119d0dc9_photo0_190.jpg
ultrasurfing.com/images/ 8 KB
9 KB 318ms
317ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/119d0dc9_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2d3947f37c2b8aada4814d0e45f8c45e283a8adfebf1223830592013aea863

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8198
Last-Modified: Mon, 19 Dec 2022 07:12:06 GMT
Server: cloudflare
ETag: "63a00ec6-2006"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLGJ8Psx8FXy2gLU%2B7TW69W%2F%2BYuUNyl2nux2nwdn6tWH59XFKHpOmQ3mgDe6Qx0hL5tKpcyEmal0CVNRkjCbzc64w6hYysYVIba1xxLHrHK5gkx%2BewIt9S51l9gD2%2BiFRhpDT0ufBPAfqhwhJbzK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c1ba78928d-FRA
Expires: Tue, 19 Dec 2023 07:13:22 GMT

GET
H/1.1 200
OK 1ec11146_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 30ms
30ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/1ec11146_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579da1174698df33234e147b1929993cd4a8fc9a02e4fc967494d69add5c73ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 11069
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7181
Cf-Bgj: h2pri
Last-Modified: Mon, 19 Dec 2022 04:06:03 GMT
Server: cloudflare
ETag: "639fe32b-1c0d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=753FTMD55bYRKT1uBI%2B%2BBgpv2UjnTmabzRBtOYM433IJ854Hhd%2FWFS7H9KFCFyZGlh0krqzs41eswCuDinarpk3BgpGiEwi6sA%2BaDHTBv2XHQgZvQMU0Y6bynpkg1UAOy9l9bs%2B14tWsYCSYJV%2B0"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c1b81c90d4-FRA
Expires: Tue, 19 Dec 2023 04:08:52 GMT

GET
H/1.1 200
OK 3f065ba3_photo0_190.jpg
ultrasurfing.com/images/ 8 KB
9 KB 27ms
27ms Image
image/jpeg 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/3f065ba3_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce14097b9e9c1ed98d053e09b70f83c22f28009356983d794ef56953917f6b32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 7073
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8180
Cf-Bgj: h2pri
Last-Modified: Mon, 19 Dec 2022 05:15:05 GMT
Server: cloudflare
ETag: "639ff359-1ff4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt9VSk4us%2BM6zft8UYaZr74qpZH6JIkkVW%2Bxw6Qcofis347pQupguVh1enIAFW61aFlVIlvLoJfd%2BvNK90TpwKGV%2BPXsbcMB3%2F4hmxtUCGnUfKBjJtuHfL38K6a9pe5bjCa%2Bb0dzyVCdBqzzOAic"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c1d8db9bfe-FRA
Expires: Tue, 19 Dec 2023 05:15:28 GMT

GET
H/1.1 200
OK rocket-loader.min.js Show response
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 12:21:11 GMT
Server: cloudflare
ETag: W/"6399bfb7-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipy1ieYwfjIDaO2hWkqBqZUePsRgecW32IYYOWV%2Ff2ulVSugl9PPSjvSQVyg%2FHiPpBEfAE25cMYb6jVl%2F1WYsVuA9h4eJ5iRwIBBa1MK0CPrWFFOw%2Bx7a4v%2BKahhp4PcYdKZ%2FvRPNa0XpqkLbbVE"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 77be55c1de749c04-FRA
Expires: Wed, 21 Dec 2022 07:13:19 GMT

GET
H2 200 Ultrasurfing.com_Responsive_ICF_260722.js Show response
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/ 31 KB
9 KB 554ms
73ms Script
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/Ultrasurfing.com_Responsive_ICF_260722.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2dc805d6b646bed8143003a293b2dfe9790f7a840b90c270465db84b421012a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-cdn: Lumen
x-amz-request-id: 3FBC4G0K7J79RZ5R
age: 484590
content-length: 8923
x-amz-id-2: fJdU0+Cvzpeamb2yLB4xPXPx3d8Te6epsUkB0UtYZ65epNcI2VNTl2ad1Yd/PluOoFXel7bR9SY=
last-modified: Tue, 13 Dec 2022 16:35:04 GMT
server: AmazonS3
etag: W/"c0a01350c33929fb6c9c06449145f0b9"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: must-revalidate, max-age=0
accept-ranges: bytes
expires: Tue, 13 Dec 2022 16:37:03 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
4 KB 182ms
79ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

207f42d225e15da39f5027b79fe873f8826cae2b5f252f1d93269567e02380bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2872
x-xss-protection: 0
bfcache-opt-in: unload
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
expires: Mon, 19 Dec 2022 07:13:20 GMT

GET
H2 200 aaw.ultrasurfing.js Show response
increaserev.com/ads/ob/tage/ 537 KB
151 KB 101ms
42ms Script
application/javascript 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6222b2afc92709b8b6b4dae5365f09019bdde51414ba7d4b2b61d4b877056a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 20:39:36 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1ySZMA4vR%2FBQjZ2AIz%2BOA3ryYJxrK4H2NjSZM%2BaWKZtaFN7sf7OTBrRnE4m5HLR%2Fk5dLZu2r3Yr1XDNnSiTKNMp6jRJYqkuo8dFps09IsC4SodPQRCNWeo5cY25au6elX3aoomsHL66gKrtqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 77be55c3aa61694f-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 144ms
59ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105623949-1

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

084edbd70a5834701562e829b7931566dc90ba3b7c2fa1676d74339385197dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43637
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 07:13:19 GMT

GET
H/1.1 200
OK bg_header.png
ultrasurfing.com/img/ 230 B
1 KB 64ms
64ms Image
image/png 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/bg_header.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 56313
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 230
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FcJR2HSmOszffV4EPHh1jOo7DDumVQk1ooyhq7ljERPqIUMUf6j7FArjANCvIxOQbRNX2dnrgKMeRTE19CYVkY31jxfomxUJBAyzLj6EX842uFairuUGLjhKfk1F%2FUW%2FbzL0zQIJ9kRQ%2BUi7XWm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c34a0c91e9-FRA
Expires: Mon, 18 Dec 2023 15:34:47 GMT

GET
H/1.1 200
OK logo-new.png
ultrasurfing.com/img/ 7 KB
8 KB 24ms
23ms Image
image/png 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/logo-new.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 15235738
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7316
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-1c94"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoIexjICQmQgq%2Fzt6cVNHzNKp9SjCVFb2K%2FW1B9L68g9ku1Vi%2F3n7Bm8m7zAGO5vj7tXaxw4YRrg8nvX3mzkl31YYVI9oR5P39H6E0iNmwj0qfdT3UhiSQym21U9Jk0EnVf8r8o1iKPKIF%2Bt%2BSc%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c34bf99bfe-FRA
Expires: Sun, 25 Jun 2023 23:04:21 GMT

GET
H/1.1 200
OK bg_nav.png
ultrasurfing.com/img/ 175 B
987 B 27ms
27ms Image
image/png 2606:4700:e6::ac40:c416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/bg_nav.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 15235738
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 175
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-af"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HshDf41%2FVqI5hhK6h984Axz8oKHxj1kk23M1Z3av2oYmgI82%2B4eIfEOaIj3bpxdibf5m1i1Xq5iy0egkd5sL1wxzlfN7GVIUeDC81ro89HkovontgMLfFxZXpJo33oyTWV63HVUFvQ5jakF0ou4M"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 77be55c349779c04-FRA
Expires: Sun, 25 Jun 2023 23:04:22 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 343 KB
30 KB 50ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb87e2c2a57188499ac992caee776f502cce8b8aad8c0bcbc4a3904acdfa7dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Dh06U33GlSEOVs6LPtkYVaGNdSr1fiay
Content-Encoding: gzip
Via: 1.1 varnish
Date: Mon, 19 Dec 2022 07:13:19 GMT
x-amz-request-id: D0QCJXYA51PGQC6S
Age: 28
X-Cache: HIT
Connection: keep-alive
Content-Length: 30148
x-amz-id-2: K0Bdk55daMjQAhBJ+i4+xNQUHCmFXlPiGZyhgcNOWzM/uVASDmq+q3sFiQk7HhKma+7YgqNMfjo=
X-Served-By: cache-hhn-etou8220043-HHN
Last-Modified: Thu, 15 Dec 2022 12:28:32 GMT
Server: AmazonS3
X-Timer: S1671434000.989959,VS0,VE0
ETag: "b08d8aaf896f7d8a8b5612fbaf07f105"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
abp: 56
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
X-Cache-Hits: 2323

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
70 KB 79ms
67ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbff17eb889b51f45293cb3e94069f56218584c0131539055e5936e767a1fae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71454
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 07:13:19 GMT

GET
H2 200 impl.20221215-12-RELEASE.js Show response
cdn.taboola.com/libtrc/ 698 KB
145 KB 60ms
20ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b96a281629dda172e65bc95d10d589a71b4b45edf4ee68a6d326789c9f66ab9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: GuayBGH6wparWsCu798iP3_FiYTquLw1
content-encoding: br
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: JY70F52EZ0Z0QF7W
age: 10739
x-cache: HIT
content-length: 148069
x-amz-id-2: pg8zLqSwqS/y9MSElRJLZuaFTkcDUdk+7RfpgnGM3UT07q+z1CU0Ycom7/zpnrx3SL0x7MqoKOA=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Thu, 15 Dec 2022 12:13:46 GMT
server: AmazonS3-br
x-timer: S1671434000.073574,VS0,VE0
etag: "1ece2524f4e13b48156b677a246be3e2"
vary: Accept-Encoding
content-type: application/javascript
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 29544

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 69ms
20ms Script
application/javascript 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:19:26 GMT
content-encoding: gzip
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 14035
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: F9cGp5uVNcLUHWrJWmyq-kXbvivgv6zAIgzret9qWnD8ZZa12TOF9A==

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
260 B 374ms
149ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Mon, 19 Dec 2022 07:13:20 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 310 B
451 B 81ms
24ms XHR
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822f3a0a006de5333f65d8b8a6182a657ea94f181049e2a424e63bc81da90346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 77be55c4ac0e91e7-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c30efa230bc7bf152b7de51852c2b6160211958fbe60c11a96d4f08a53a9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27536
x-xss-protection: 0
server: sffe
etag: "1425 / 30 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Dec 2022 07:13:20 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 108ms
34ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:10:40 GMT
content-encoding: gzip
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 161
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 6QRVBUeDI5NcD80RNn75v_vekdtC3uYo9_X5ncPgaGsMZCOPicgKIg==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 123ms
19ms Script
text/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: XRZFPSYY0E4RF6F6
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: o2U2o0XivKKb+Q+7FfcyGHRH0xxVADJjOKHkF2QPQdd89LzzQGXebMnj5iIIuXhOMmGRxWISJuY=

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 66ms
19ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:10:40 GMT
Content-Encoding: gzip
Via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1, FRA2-C1
Age: 161
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 17:02:43 GMT
Server: AmazonS3
ETag: W/"9678e76b6e6295571547f8fe5df68b88"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: 0CctxJfJ4OSws0EI6e4QTtItDhV4OwxvN0PY8P8HMZU_q69do811Yg==

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 302 KB
101 KB 125ms
38ms Script
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4cc3c4828ca3466dd9ae6fc32714aa6dc832c16205e709d78ff886275c39329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103343
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 15 Dec 2023 14:38:34 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 120ms
33ms Stylesheet
text/css 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 13 Dec 2023 20:10:46 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 119ms
32ms Stylesheet
text/css 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 19 Dec 2022 07:46:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 117ms
32ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105623949-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 06:27:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2756
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 08:27:24 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 20ms
20ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671434000096&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _npFzN9jlUXEwz6CfTF7ZLztf7albcUjjtmqXRfOTLH1msHwKDryxw==
x-cache: Miss from cloudfront

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 89ms
31ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 600
age: 0
content-length: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 89ms
30ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 600
age: 0
content-length: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 87ms
29ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 600
age: 0
content-length: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
server: ATS/9.1.10.25

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 273ms
136ms XHR
application/json 3.124.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.138.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-138-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edd9def57a86d388ae9b9e3277eb2715333c017eed3f095f6f0b6479957289f8

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 89ms
22ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 172ms
46ms XHR
text/plain 34.242.189.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.24.0&p=%5B%7B%22placement_id%22%3A%2237eaa091-35b7-449b-a0ee-8d097419227d%22%2C%22callback_id%22%3A%22575c0344d30e24%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%22babcd8a3-f4ba-41cf-b973-6884d25262a3%22%2C%22auctionId%22%3A%222585e23c-d121-4573-906d-13d36874b628%22%7D%2C%7B%22placement_id%22%3A%22f4656c87-ddf3-49a7-8377-cd7428d59a1e%22%2C%22callback_id%22%3A%225897f59099002ce%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%225f6d7004-f3f6-43b0-8f29-aba769379cd6%22%2C%22auctionId%22%3A%222585e23c-d121-4573-906d-13d36874b628%22%7D%2C%7B%22placement_id%22%3A%220c8173ff-0b44-4ed8-a88e-d5b19c887ab3%22%2C%22callback_id%22%3A%2259a5e162dc2fa69%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%22a81ae598-f709-4030-9827-02aa72f9fde7%22%2C%22auctionId%22%3A%222585e23c-d121-4573-906d-13d36874b628%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F&bust=1671434000146&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=8dd1a93a-4b57-48c2-bb46-883b9adb1799&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228dd1a93a-4b57-48c2-bb46-883b9adb1799%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.189.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-189-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 360 B
1 KB 93ms
31ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2c3b50384ff1a95beebe2d3b89159a6110e878601b4fd40e5997d955738bb58

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:20 GMT
AN-X-Request-Uuid: 0843f756-3f87-4b43-9573-5957735385b9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 360
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/252875/0/ 0
163 B 103ms
37ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/252875/0/mvo?z=1r&hbv=7.24,2.1
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
403 B 126ms
31ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.24.0
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: da1313699b5c21e0a865ccf02055c0a4327466cc819b603e5dff462580e5adad

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 19 Dec 2022 07:13:20 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://ultrasurfing.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
275 B 99ms
30ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 6 KB
1 KB 265ms
84ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a901df1020e7a65047dde44291f9622bd38a58526996f25da8fe250c09c603bd

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 19 Dec 2022 07:13:19 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 877

POST
H2 204 hb Show response
brightcombid.marphezis.com/ 0
98 B 384ms
110ms XHR
text/plain 52.204.6.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcombid.marphezis.com/hb
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.6.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-6-175.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 07:13:20 GMT
access-control-allow-credentials: true
server: nginx

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 175ms
115ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a7f769238d73000947a7fe79555c49e6dfc4198bf591d80c69c7a38229189a7e

Request headers

Referer: http://ultrasurfing.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
306 B 172ms
112ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: da22029c23fe8666c2d3dc11f00344a038e741fd1ddfa906a2755db771d3d851

Request headers

Referer: http://ultrasurfing.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 184ms
123ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3fe413ca426b9d7dc82c590310da4b36dda0c9bb657840b076ea2a38f169b8b3

Request headers

Referer: http://ultrasurfing.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 105ms
44ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a5a7120762e7fe09e34def07faebd5cd18e76480bd57f249271b6ee33384a6f

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Mon, 19 Dec 2022 07:13:20 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 6 KB
4 KB 332ms
216ms XHR
application/json 3.65.162.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.24.0&referrer=http%3A%2F%2Fultrasurfing.com%2F&tmax=2000

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.162.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-162-40.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b134f7ed2c5f409713923b4bd37199d4ee095fc443b2e5d743fe446a5dd426d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
accept-ch: sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 3926
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 431 B
991 B 254ms
163ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591660&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,ccf3c814-d44b-41b4-b42b-311230de5b1b,,&eid_pubcid.org=8dd1a93a-4b57-48c2-bb46-883b9adb1799%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.24.0&x_source.tid=babcd8a3-f4ba-41cf-b973-6884d25262a3&l_pb_bid_id=10073ed8656eab31&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.8831870090457723
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b2f58833b414d4cc749ec94e99fc8ac510b5477b8a75272890495d8bb298c335

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 431
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
762 B 255ms
165ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,ccf3c814-d44b-41b4-b42b-311230de5b1b,,&eid_pubcid.org=8dd1a93a-4b57-48c2-bb46-883b9adb1799%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.24.0&x_source.tid=5f6d7004-f3f6-43b0-8f29-aba769379cd6&l_pb_bid_id=10195c3a0708555&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.06003705812611648
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ed506f28b948404fd00cc46987169d3874d5ea18e3836b669e5aabb5186812c0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 427 B
758 B 354ms
263ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591658&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,ccf3c814-d44b-41b4-b42b-311230de5b1b,,&eid_pubcid.org=8dd1a93a-4b57-48c2-bb46-883b9adb1799%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.24.0&x_source.tid=a81ae598-f709-4030-9827-02aa72f9fde7&l_pb_bid_id=1026842d71cd9041&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.23187110857825033
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d056ef019edb16f9596646f1a8e0461b8dd0aa30d985fb5aa2e199290738ab44

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 427
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 45ms
45ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:11:05 GMT
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 135
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1960
x-amz-cf-id: h6509JZaEIbW2ikFXntYi7TPBdQZYyVKP49MrnsE2iqsbm21BoAVyg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
462 B 173ms
96ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=kNY9Umc14SugF&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%2237eaa091-35b7-449b-a0ee-8d097419227d%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%22f4656c87-ddf3-49a7-8377-cd7428d59a1e%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%220c8173ff-0b44-4ed8-a88e-d5b19c887ab3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2Cccf3c814-d44b-41b4-b42b-311230de5b1b%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: QNY8BH10ZEFSZRP79S34
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -yiqAUsEAeOpBMTmauzdUw7TRV2M9M81bk7c3drA0KCURhpz6XqHTA==

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 44ms
24ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
Content-Encoding: gzip
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Date: Mon, 19 Dec 2022 07:13:20 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 2879
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 02:43:04 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: fiE2ezxDoWIVL-MXyfMI61mzrxbtrBvcDo4Bni0ubJcPG4APDrOkJw==

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 74 KB
21 KB 450ms
437ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=07%3A13%3A20.189&lti=deflated&data=%7B%22id%22%3A338%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1671107286453%2C%22vi%22%3A1671434000187%2C%22cv%22%3A%2220221215-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1485%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1386.90625%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A120%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f920c839bfc683424ada755a951e837a34c5342e7e8c144ae0d6fd16b89dc38

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 418
date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220046-HHN
server: nginx
x-timer: S1671434000.212337,VS0,VE418
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 22:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Dec 2023 22:37:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 464 B
200 B 95ms
53ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f04b0177cbb9f714773bda5d775e3d75bb4b8d9f339b5d7ef99e492f8cebd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:20 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
338 B 246ms
110ms XHR
text/plain 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:20 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 19 Dec 2022 07:13:20 GMT

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 130ms
34ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Oct 2022 18:14:48 GMT
Server: Apache
ETag: "d4ed-5eaee7c12df48-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17131
Expires: Mon, 19 Dec 2022 07:28:20 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 129ms
48ms Script
text/javascript 99.86.240.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-21.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 01:43:08 GMT
content-encoding: gzip
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:24 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
age: 19813
x-amz-server-side-encryption: AES256
etag: W/"51c5af7d71728569b41d03503fff2de7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: geUUJMbarZBsDDXAbhgc51zoVpSsIJV_JrehWBZM21QaYLioWz2TYg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 87ms
29ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FNK044PCM9Y7VVCR
age: 3516
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHLsSax5E8eTl3Ji1bJ3jGsVDgxUo%2BMQ2kR%2Brdqu1vlLO4SYNjeao5LkSMlh%2F1OZ5V2dWeY9pVyAAW77k7WVFuaUzfi3dUNeJ3X3D8553xJYYzU403oXU8RLpXWP8v5%2BWlujPtlf%2BQktLRJGFeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 77be55c5df086904-FRA

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

57 KB
17 KB

114ms
49ms

Script
text/javascript

2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: AS6079NF7R64H2CK
age: 2660
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77be55c5e8789158-FRA
x-amz-id-2: 2mxyvxkHDv8YVtTpVImJWzSJ6t9LE3MMZGFNY9vGEvXz3eTx52Vj7bVgYIduyNqIsbtyyLaxBsg=

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 56ms
55ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=980458888&t=pageview&_s=1&dl=http%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=559518840&gjid=1252654498&cid=1468704805.1671434000&tid=UA-105623949-1&_gid=701649004.1671434000&_r=1&gtm=2oubu0&z=1537128795

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 163ms
105ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__de.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "7903281105347033007"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Mon, 19 Dec 2022 07:13:20 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 160ms
33ms Image
image/png 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+de.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/f275a300093f201a/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:06:13 GMT
x-content-type-options: nosniff
age: 292027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 15 Dec 2023 22:06:13 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 158ms
34ms Image
image/png 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:04:01 GMT
x-content-type-options: nosniff
age: 414559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 14 Dec 2023 12:04:01 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 132ms
18ms Image
text/plain 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 125ms
18ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Protocol: HTTP/1.1
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:20 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 145ms
30ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105623949-1&cid=1468704805.1671434000&jid=559518840&gjid=1252654498&_gid=701649004.1671434000&_u=YEBAAUAAAAAAACAAI~&z=1016200366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 07:13:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
121 B 194ms
194ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41bef8c741ba30781437f1e76668efc9f65a76ed5370cc06306daf3206f1d6f1

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: public,max-age=30
access-control-allow-credentials: true
cf-ray: 77be55c82ee49be9-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 317ms
214ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: http://ultrasurfing.com
cache-control: public,max-age=30
cf-cache-status: DYNAMIC
cf-ray: 77be55c6cc0c9be9-FRA
content-encoding: gzip
content-type: application/json
date: Mon, 19 Dec 2022 07:13:20 GMT
server: cloudflare
vary: Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 163ms
44ms XHR
application/json 52.214.61.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.61.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-61-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2e5ddd4fc367f447bd6e9b76b884cec4f132b57bab7fd2a986af75029536f6f9

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.15.36
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 86ms
21ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

05eefc92f1847ad4d18c94c7286884a8cd781fbfb82f13ca3cc19fa2b75a60e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
230 B 315ms
20ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 96d67845b593fd604b34f4be423cbdab04c16619bb7815116034e8aa304bc9f1

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:20 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8/v/ 688 KB
182 KB 173ms
18ms Script
application/javascript 2a02:26f0:3500:1c::1724:a36c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8/v/avcplayer.js
Requested by: Host: cdn.vidcrunch.com
URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/Ultrasurfing.com_Responsive_ICF_260722.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1c::1724:a36c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 735958e162947ba5a865bf5e44c430ef29c9798a4bbbffc06916547fccaa44d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdusdfqoVxgUIhiC_QnuiTPyYS_nXjfLMKFnNRO342mtrUSgIaaIRMDbryIKtbhEXO3flzZYz0qOTKXe63W0NPcYNUkeF6nh
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 185302
last-modified: Thu, 08 Dec 2022 13:47:31 GMT
server: UploadServer
etag: "8703f57a9eff209e3e119fe042254bfd"
vary: Accept-Encoding
x-goog-generation: 1670507251338156
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=HfwZ2Q==, md5=hwP1ep7/IJ4+EZ/gQiVL/Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 185302
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:18:20 GMT

GET
H2 200 track
servt.vidcrunch.com/ 0
71 B 501ms
112ms Image
text/plain 3.225.232.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.vidcrunch.com/track?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&cb=1671434000440&r=ultrasurfing.com&stagid=&stplid=&d35=&d65=&d66=8&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-232-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
63ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-105623949-1&cid=1468704805.1671434000&jid=559518840&_u=YEBAAUAAAAAAACAAI~&z=1152408421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 79ms
31ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-105623949-1&cid=1468704805.1671434000&jid=559518840&_u=YEBAAUAAAAAAACAAI~&z=1152408421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 96ms
32ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 07:13:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 527768
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 177ms
120ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=QX0aQXx3MFVlT3JFYkphTCtQSmNoRi9wblFXWWtzZm1jTGhvOXl4dUo0L1JIdkliS2lTeU02em9IN2orUzc4alVkNDJOc3NzbGZicUREaEJIekc2Vkh2dHo1RzVBK29sYzRWR2VBQkt2TmlUSGdTeVFCTm1adTBha2d6Y0...

360 B
664 B

98ms
33ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QX0aQXx3MFVlT3JFYkphTCtQSmNoRi9wblFXWWtzZm1jTGhvOXl4dUo0L1JIdkliS2lTeU02em9IN2orUzc4alVkNDJOc3NzbGZicUREaEJIekc2Vkh2dHo1RzVBK29sYzRWR2VBQkt2TmlUSGdTeVFCTm1adTBha2d6Y0dkS0d0NmN4OGNLdStUaXE5aDk5VDdWczdHamMrb0ZOdm4rQnBiRXdJTkRyaFB5cTZzSTB5N1pRTFBvQWphQVVYUFc0R1p4djkxQWRKV0hoQlhNbUVsSTdOK0NybVpWSURtSVkzZ2wrSGs4RUZPam1semNVSStQY0ZwUUtEN3FBSjFuazFMbStTfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

748c153677ecd51df2c67c7afd1dc77f653f8d152c6921d6024129815ab1a736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1065463
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=QX0aQXx3MFVlT3JFYkphTCtQSmNoRi9wblFXWWtzZm1jTGhvOXl4dUo0L1JIdkliS2lTeU02em9IN2orUzc4alVkNDJOc3NzbGZicUREaEJIekc2Vkh2dHo1RzVBK29sYzRWR2VBQkt2TmlUSGdTeVFCTm1adTBha2d6Y0dkS0d0NmN4OGNLdStUaXE5aDk5VDdWczdHamMrb0ZOdm4rQnBiRXdJTkRyaFB5cTZzSTB5N1pRTFBvQWphQVVYUFc0R1p4djkxQWRKV0hoQlhNbUVsSTdOK0NybVpWSURtSVkzZ2wrSGs4RUZPam1semNVSStQY0ZwUUtEN3FBSjFuazFMbStTfA&cppv=2
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 584098
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
544 B 77ms
20ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 any Show response
idx.liadm.com/idex/prebid/ 0
313 B 369ms
113ms XHR
text/plain 3.232.42.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.42.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-42-112.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: bd5c8dbb6856d869
vary: Origin
request-time: 2

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
316 B 56ms
43ms XHR
application/json 52.214.61.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.61.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-61-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.31.23
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 78ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ultrasurfing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
17 KB 526ms
523ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2492138058212635&correlator=1570521659541005&eid=31069125%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=331161030%2C1233247979%2C2138197022&didk=1715689860~1362427236~3935290264&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dpro-verbraucher.info%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D105353d91e13a83c%26hb_bidder%3Dtriplelift%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D300%26wrap_l%3D800%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26waae%3D400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=0&cookie_enabled=1&abxe=1&dt=1671434000573&lmt=1671434000&dlt=1671433999556&idt=758&adxs=325%2C436%2C975&adys=120%2C1421%2C120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x1420%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=1468704805.1671434000&ga_sid=1671434001&ga_hid=980458888&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79801a24d4746d53d0e58f264677ff713613387384a5ab819be07d5fefb66060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17686
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 128ms
68ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4317da5f11d2577417abdd427e3dcac6141e374a76135057998f29fd26a62def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11222
x-xss-protection: 0

GET
H2 200 container.html Show response
dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B7B 6 KB
3 KB 132ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:20 GMT
expires: Tue, 19 Dec 2023 07:13:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 22ms
22ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

f0776003f14963d1bebc73e37aba46309e844ce9c2f3cd650a15162029849ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 floating-unit.20221215-12-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 24ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20221215-12-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85c7880200a6170e38ac1d70d1c28159b3f4225f8ea7f26015b611baf28c5a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: k1455PEsRENkbiCUo4vVUyUGb7Iw9wzn
content-encoding: gzip
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: RFDWV7ANC9Q4MZ8G
age: 87
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: eKH5AT4o/Jop4r3NUG1I7kuTnrp3JcGATUTCvYZ4qK4aB7OWs3dVaAZ/Yu1e00evrpfFxYeu7z8=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sun, 18 Dec 2022 11:20:09 GMT
server: AmazonS3
x-timer: S1671434001.664364,VS0,VE0
etag: "15f1dec9ab66e7585b55226674b85802"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 42

GET
H/1.1 200
OK UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ 104 KB
30 KB 41ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:20 GMT
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
Age: 968892
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 30422
X-Served-By: cache-hhn-etou8220043-HHN
Last-Modified: Tue, 22 Nov 2022 07:02:09 GMT
Server: AmazonS3
X-Timer: S1671434001.687893,VS0,VE0
ETag: "7fcf5cdb23e918c79141cd7bbdf0b9cc"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -aTxfFvcJyrZFjUxpLaBUMGCt-NikJ2h08v2DUQexGnOL0AY-yojeA==
X-Cache-Hits: 181586

GET
H2 200 feed-card-placeholder.20221215-12-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 20ms
20ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20221215-12-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ec3b964d881cbdf58b1e9cd694b23050509b39f46362b089252ef75974084d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Z9c.Gtujs6Ty1uKYBaoi81HL6TDGAZ9r
content-encoding: gzip
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: QZGHTT9N6JX72FKW
age: 102
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1263
x-amz-id-2: 1bGCuJ6a/yoaHVCQcK+jIjCeQY6RcNcVS0EomASh+zoBaKRzRA8fOGTg9x77Ba0hyKi7ToWroaY=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sun, 18 Dec 2022 11:20:02 GMT
server: AmazonS3
x-timer: S1671434001.666558,VS0,VE0
etag: "088e2f944b3ce08df7b618b7943ddaeb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 408

GET
H2 200 userx.20221215-12-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 18ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20221215-12-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d771e8e3fac85b1113de6212248832838a6a24e6d3bde88342c7794e87b552b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: YdlCntm7SqtQ4PEvx1d.x9X_x2huy2mS
content-encoding: gzip
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: 7TZ3HK39EWXP4JP8
age: 68
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: VFl4zwI+B5neCi+FNX2MFse/vxIoZVcBba1OszTvWYHxQPgG+GaFKyWvQ/FRilG4kOHgE007wUE=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sun, 18 Dec 2022 11:20:45 GMT
server: AmazonS3
x-timer: S1671434001.679332,VS0,VE0
etag: "0f73685c0f5b00a0f3d2bde2cfba6afb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 102

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
231 B 197ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=4411&lti=deflated&ri=3742b4900c613312fb848e943b4c819d&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&pi=/&wi=-1709852854480885386&pt=home&vi=1671434000187&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=07%3A13%3A20.654&id=6851&llvl=2&cv=20221215-12-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 v5
metrics.getrockerbox.com/track/ 44 B
408 B 175ms
120ms Image
image/gif 172.64.175.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=21465727&tier_three=3575862843&tier_four=ultrasurf-ultrasurf&tier_five=Desktop&auction_id=2022-12-19+07%3A13%3A20&referrer=ultrasurfing.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.175.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A58HlKt5OekU5sSF85k%2B6vidYcBZrv0MJLBxteT3x%2Fn36yE%2FYXKQPA3HX%2Bhch4Wet07SP2nL1CfGPIoRgqRleSKWgmUm5yydux41HYpnYabWkUeVZrde7eWKKoRlGDZLDyH%2FYhc939%2FNgT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 77be55c8ada8bb44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 197ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=4411&lti=deflated&ri=3742b4900c613312fb848e943b4c819d&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&pi=/&wi=-1709852854480885386&pt=home&vi=1671434000187&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1671434000668%7D&tim=07%3A13%3A20.668&id=665&llvl=2&cv=20221215-12-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 v5
metrics.getrockerbox.com/track/ 44 B
574 B 175ms
119ms Image
image/gif 172.64.175.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=21465727&tier_three=3575862849&tier_four=ultrasurf-ultrasurf&tier_five=Desktop&auction_id=2022-12-19+07%3A13%3A20&referrer=ultrasurfing.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.175.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJU6A063n9%2Fy%2BJKddXUv5x23ZaLju9Dwdv7pakYKVOh7l0kHfqVnmV%2FRhw4uzUxptKzvmAQwOjPNUU7V5rqPnVfNQa9gINerOx81GJ5ztt0LYe%2FsmRSRjppVs9zCKIGlsy13d31Liuzp760%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 77be55c8adabbb44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
625 B 61ms
20ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

fd1addbea7b928df6ef2824e349a10b63f470d018d761d6ba5d9c2550e3d1762

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
3 KB 19ms
19ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: HTTP/1.1
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding: gzip
Via: 1.1 varnish
Date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: ZSYWDV613EWRQFZR
Age: 41
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1758
x-amz-id-2: zyoRYlp0DUQi7rOxqotjsUGVeDg2jXVIKZFqFlMrZ3FOAGkPB6oHKoLVv4lN564LBGSA15CQpCE=
X-Served-By: cache-hhn-etou8220043-HHN
Last-Modified: Wed, 07 Feb 2018 11:15:52 GMT
Server: AmazonS3
X-Timer: S1671434001.693662,VS0,VE0
ETag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
abp: 3
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Cache-Hits: 74

GET
H2 200 b46b106890f0a6dfa93e08344527326e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 21ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b46b106890f0a6dfa93e08344527326e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44599779d5041ac8bb0c1c6bcbbbf575ae8b605b7e1a2c12f530df394d127ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b46b106890f0a6dfa93e08344527326e.jpg
age: 2917179
edge-cache-tag: 603493322396578724782104340508143570032,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603493322396578724782104340508143570032,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 46
expiration: expiry-date="Fri, 18 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.naehrwertrechner.de/
content-length: 5112
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100101-IAD, cache-chi-klot8100089-CHI, cache-iad-kcgs7200111-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 18 Oct 2022 08:49:30 GMT
server: nginx
x-timer: S1671434001.714274,VS0,VE1
etag: "6c2bb80cc45850f5fb121c8187aaa51b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 62, 1

GET
H2 200 db12c5ab7329ee7bcb5ce3434a256667.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 18ms
17ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db12c5ab7329ee7bcb5ce3434a256667.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f0ccb364748f2329b7efcf49212cdf5814ea3c0766d857e9596d11a67011c0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db12c5ab7329ee7bcb5ce3434a256667.png
age: 420408
edge-cache-tag: 308434332730523508869108564046463317491,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308434332730523508869108564046463317491,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 357
req-referer: https://www.freenet.de/unterhaltung/tv/bauer-sucht-frau-letzte-hofwochen-schliessen-ohne-happy-end-40442228.html?utm_source=paid&utm_medium=referral&utm_campaign=newsaggregator
content-length: 3834
x-request-id: 54387bae3ac7bf701262e863d2ae7018
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200146-IAD, cache-bur-kbur8200105-BUR, cache-iad-kjyo7100101-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 13 Dec 2022 17:56:29 GMT
server: nginx
x-timer: S1671434001.715182,VS0,VE0
etag: "5dcdfb9808a34a7d86baf7a409717e9e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 41, 14

GET
H2 200 2617cc7bdd2c0876404629f7273a78b2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 18ms
18ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2617cc7bdd2c0876404629f7273a78b2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 875785701559e4d348ac8de0a88b94a5d3144023db70c394754379d2b6ce5c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2617cc7bdd2c0876404629f7273a78b2.jpg
age: 1612380
edge-cache-tag: 530341766772782077262192305332831042965,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530341766772782077262192305332831042965,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 111
req-referer: https://www.20minutos.es/
content-length: 8074
x-request-id: e506f64d50f2aeaf79f134541634150a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kcgs7200056-IAD, cache-bur-kbur8200108-BUR, cache-iad-kcgs7200169-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 29 Nov 2022 18:02:48 GMT
server: nginx
x-timer: S1671434001.719706,VS0,VE0
etag: "01378473b085af21c014453bc61f6794"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 149, 9

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
625 B 54ms
20ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

9c5cb954bbe1bc04c749673e114cb5ecba03633a51df5a0b0d9e3d6d458dc36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Mon, 19 Dec 2022 07:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 33 KB
10 KB 490ms
490ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=07%3A13%3A20.715&route=AM:AM:V&tvi2=4411&lti=deflated&data=%7B%22id%22%3A391%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA%22%2C%22ui%22%3A%22cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490%22%2C%22uifp%22%3A%22cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490%22%2C%22lbt%22%3A1671107286453%2C%22vi%22%3A1671434000187%2C%22cv%22%3A%2220221215-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2778%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1389.90625%2C%22mw%22%3A610%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10594721%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ebc79e5877bd8127a0806fde493b4a497df2527dc8ca1a0ce736f8e734427f89

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 472
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220046-HHN
server: nginx
x-timer: S1671434001.722657,VS0,VE472
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cta-component.20221215-12-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 18ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20221215-12-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e771fe0efd610e3869ea147051282b930b54e15a514d4a1e1dfeef70bf4e5635

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: QFgSbS660NeyvmVxhPzCjAxEfOGfOKT3
content-encoding: gzip
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: SWZ40PBF68B29NPE
age: 13
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5107
x-amz-id-2: +ws/Ppcx5TJt/JDBmernwCxwrw79jfzpGrOqn0znKYyQ4k5pJJ8Ye969dwQIAh0ZEdzQTp8pUik=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sun, 18 Dec 2022 11:19:53 GMT
server: AmazonS3
x-timer: S1671434001.728660,VS0,VE0
etag: "b6e08fe7dfe248e8fb91732890c05901"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 45

GET
H2 200 8d293ba9fc07c07c462afe54e990adf0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 22ms
22ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d293ba9fc07c07c462afe54e990adf0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f7a1fe2c0f70923cc34209e1cb8ab7aa4360d7ec803d3fc253448fab8f23833

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d293ba9fc07c07c462afe54e990adf0.jpg
age: 5169020
edge-cache-tag: 548774029861557713731336845333307917873,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548774029861557713731336845333307917873,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 76
expiration: expiry-date="Sat, 05 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://japaninsides.com/best-five-attractions-of-ghibli-park/
content-length: 9370
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200041-IAD, cache-iad-kjyo7100179-IAD, cache-chi-kigq8000119-CHI, cache-iad-kcgs7200054-IAD, cache-hhn-etou8220046-HHN
last-modified: Wed, 05 Oct 2022 16:39:13 GMT
server: nginx
x-timer: S1671434001.733284,VS0,VE1
etag: "a1d531a15bb40ad2da47063d3869ae87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 69, 1

GET
H2 200 ac52b5a87813f675a7582a5f27862210.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_520,y_416/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 21ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_520,y_416/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac52b5a87813f675a7582a5f27862210.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b11b4f293c4988bd58896f97a7f0c6a3308fb2206e03517f21c3974850399e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_520,y_416/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac52b5a87813f675a7582a5f27862210.jpg
age: 418948
edge-cache-tag: 561459014560919635729163418381279732524,401646030651671566814839488103023260854,29ecf9b93bbf306179626feeda1fab70
cache-tag: 561459014560919635729163418381279732524,401646030651671566814839488103023260854,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 305
req-referer: https://www.t-online.de/
content-length: 10464
x-request-id: 2def0dd0be32037d972878191232423b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000059-IAD, cache-iad-kcgs7200097-IAD, cache-lga21964-LGA, cache-iad-kjyo7100070-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 08 Dec 2022 10:51:53 GMT
server: nginx
x-timer: S1671434001.733276,VS0,VE1
etag: "5e27092041b2195b03c0bc0fb6079067"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 21, 1

GET
H2 200 renault_koleos_model_year_2021_4f6812a803.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/ 37 KB
38 KB 22ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/renault_koleos_model_year_2021_4f6812a803.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bec560230f3eb8f86c519e45c22247e6594345c603220b44fa8f347a9d5c288

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/renault_koleos_model_year_2021_4f6812a803.jpg
age: 2405636
edge-cache-tag: 327951867313783671697627555497574507390,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 327951867313783671697627555497574507390,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 1054
expiration: expiry-date="Sun, 04 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.garage-und-carport.de/zufahrt/bordsteinkantenabsenkung/
content-length: 37934
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100165-IAD, cache-sna10736-LGB, cache-iad-kjyo7100108-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 03 Nov 2022 10:04:56 GMT
server: nginx
x-timer: S1671434001.736624,VS0,VE1
etag: "f65c73247ad4ffd131cc1fd71d0cbc54"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 7, 1

GET
H2 200 59ffcfa7e42d64921a4f7d94a6d74772.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 21ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59ffcfa7e42d64921a4f7d94a6d74772.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e31328c801145f1256778edbb81c2b001364553db85e415063412361841bd5b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59ffcfa7e42d64921a4f7d94a6d74772.jpg
age: 2403021
edge-cache-tag: 372583711109974237291165818580236282390,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 372583711109974237291165818580236282390,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 152
expiration: expiry-date="Tue, 29 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.autozeitung.de/
content-length: 8564
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200120-IAD, cache-iad-kjyo7100137-IAD, cache-sna10728-LGB, cache-iad-kcgs7200032-IAD, cache-hhn-etou8220046-HHN
last-modified: Sat, 29 Oct 2022 16:18:47 GMT
server: nginx
x-timer: S1671434001.736674,VS0,VE1
etag: "e1e9fe764eceb425d75f78290a7ce789"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 14, 1

GET
H2 200 c427da116f15e1a8165b9c859212818e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 21ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c427da116f15e1a8165b9c859212818e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6560e554062abbad56bfeb5dfa0098fb6bf9e8984b03d7dff3b20fd61ed42328

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c427da116f15e1a8165b9c859212818e.jpg
age: 2233994
edge-cache-tag: 479327500524472408980330204168579019108,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 479327500524472408980330204168579019108,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 517
req-referer: https://www.t-online.de/
content-length: 17174
x-request-id: 840568ead76d3281ed10b85a20d22520
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kjyo7100124-IAD, cache-bur-kbur8200085-BUR, cache-iad-kcgs7200105-IAD, cache-hhn-etou8220046-HHN
last-modified: Wed, 23 Nov 2022 10:10:39 GMT
server: nginx
x-timer: S1671434001.739903,VS0,VE1
etag: "a27853270868a6b4d33aa85b2d81b650"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 48, 1

GET
H2 200 playlist-logo.svg
cdn.vidcrunch.com/assets/ 4 KB
4 KB 33ms
32ms Image
image/svg+xml 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/assets/playlist-logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a03bc6f8a4016dbc7a0ae2347008521083839f5076118ac7789fc3cd9071458

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Sun, 01 Aug 2021 07:06:04 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 95HKPYXCTA1FBJ2T
age: 4910940
etag: "373cb6f70f7cfcd6a451cbe5110eb1fe"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3684
x-amz-id-2: /w2JxQMlswI5hoOnxNAnmahIKWovcuTHk/I3n9W++5XTaznlzAKXTnD2sEEh6lst3zD5NKCIr18=
expires: Thu, 22 Dec 2022 11:04:20 GMT

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8/v/assets/ 34 KB
35 KB 78ms
20ms Font
application/octet-stream 2a02:26f0:3500:1c::1724:a36c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8/v/assets/31d54a4b841c0e438f13.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1c::1724:a36c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv74omojhFLdprsLBFMDrTbNkZbfrJQw_JfNyt5sguJ2eDfiV79lkgibawG1V9xr0YOYwdTmzVLXK0wXsMBJ6lBMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 35197
last-modified: Thu, 08 Dec 2022 13:47:32 GMT
server: UploadServer
etag: "2c47c15d01787b99d06f0e0f2b217396"
vary: Accept-Encoding
x-goog-generation: 1670507251901447
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=g1EYXQ==, md5=LEfBXQF4e5nQbw4PKyFzlg==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 35197
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:18:20 GMT

GET
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
145 B 480ms
119ms Image
text/plain 54.84.206.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track1.avplayer.com/ctrack?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&cb=1671434000838&e=cpll&cvid=&cpid=&str=external&vi=-1&wi=640&he=360&d66=8.2.6
Protocol: HTTP/1.1
Server: 54.84.206.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-206-23.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H2 200 91ff65ad7ec91fd3c96f9d2362db6129_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 12 KB
12 KB 53ms
52ms Image
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/91ff65ad7ec91fd3c96f9d2362db6129_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2e407adcd1f1f76232a2feab4dd7f8cfab656a21e923ddeb41c3ed667faa725

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Wed, 28 Sep 2022 12:34:13 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: S7KJ1EXR7T29EH6W
age: 484645
etag: "a7b0f0c5073138ca26fcd70ccadcb6ae"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 12320
x-amz-id-2: gD+iOt6eCX+M/kVOnviEq7pbmosaikrw5fsn/9zqjqJVMpJ9vUqe594h0u7evTlkvzyNmLAqVhM=
expires: Sat, 11 Feb 2023 16:37:06 GMT

GET
H2 200 61c52798d7dbae4070d1789bf23e84a6_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 10 KB
11 KB 66ms
66ms Image
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/61c52798d7dbae4070d1789bf23e84a6_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=cb471b4285e51c74118edb23f4a964b4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 962e14591b1134c488280aa7935148272b1c8efbd0fc00c31146138b4b42d226

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Wed, 28 Sep 2022 12:34:12 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: B2ZDK34HK67WXKEB
age: 484643
etag: "06d05eebf6f8d5d00f725c99488ff1c8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 10557
x-amz-id-2: aEKqHqcbSqMeo4BPuELoB7OQ1Ux5yPvE1HfvAQNguG4ZKqTg75o84VNuvDS8JZn8JnY90Sb6F6o=
expires: Sat, 11 Feb 2023 16:37:06 GMT

GET
H2 200 b5a1b44dee350a81aa532e9f7a414f37_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 7 KB
8 KB 52ms
51ms Image
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/b5a1b44dee350a81aa532e9f7a414f37_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=087dce497dec9f11d193619f3bb7691e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2bea2da9803c4ecc5861d210f88a8550399fa316e9a1d2e3e89c7319f5bbbfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Wed, 28 Sep 2022 12:34:42 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: YGV0PEZWZPS20S90
age: 484644
etag: "22052b55f6ab3fea3cd5596c987fe302"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7523
x-amz-id-2: 2hjyl38MqW4oDoahthWm0Yc+qcp5XRllSLTr/3C2YekzBd8HF0JG9tTdoe1UAEXOYNelcYDi0LI=
expires: Sat, 11 Feb 2023 16:37:06 GMT

GET
H2 200 f7406905194bde38fc5b64b56c1f40ab_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 12 KB
12 KB 35ms
35ms Image
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/f7406905194bde38fc5b64b56c1f40ab_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=e54b6f77d4fae66d9d530ef98a775501
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3f6995da1355f918b6b6b1801d4df9aca02bdb7f3f20c088812e2ca2fc1d1cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Wed, 28 Sep 2022 12:35:00 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: B2Z7Q4HC70M673X8
age: 484643
etag: "e89ef19daf8d921c2bfbdd75bda1dbc8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 12283
x-amz-id-2: mbdXUe8of36ASbD39CW+owlQuERcKhL3YL98iqzeHYq/f6beCRKp0aOtZych/BHoU11POwdaFcA=
expires: Sat, 11 Feb 2023 16:37:06 GMT

GET
H2 200 5544b7636de84a65b2f037aa576c9669_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 22 KB
22 KB 58ms
58ms Image
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/5544b7636de84a65b2f037aa576c9669_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=3f2dfea47ac28d3fbc595e839fb247c2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f94b99e126b3c8acd070cc337dfa76d8f836bf5d0b8e9a36ebf6a182ea9fd481

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Wed, 28 Sep 2022 12:34:38 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: YGV61QFMHJ0JFBDW
age: 484644
etag: "ab087a0153020a8382789561f7ef1a39"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 22050
x-amz-id-2: Bj0X/auMr1b1wL51l3p7hUHTnCAo/RbFVMFJ0rZVy07Fyem7ojVre5Ot3TsiU9iox89YZAqqIt0=
expires: Sat, 11 Feb 2023 16:37:06 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 9B64 427 KB
115 KB 136ms
21ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduw1FiojDHTkymvpPep_03QW00aHBlIQ0Bll1NQVQ7bdCakjNcbclXQ9mIl_0xgMBsSCPhumKysRXkDCpGFNzK9SdzkYRm6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 116981
last-modified: Tue, 13 Dec 2022 08:13:32 GMT
server: UploadServer
etag: "cd25de2ec0c4a951c47404fd1d56f1fb"
vary: Accept-Encoding
x-goog-generation: 1670919212449657
x-goog-hash: crc32c=Uhd+iA==, md5=zSXeLsDEqVHEdAT9HVbx+w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 116981
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 19 Dec 2022 07:23:20 GMT

GET
H2 206 rcj7tcnruje9yqxqq9ba.mp4
cdn.taboola.com/libtrc/static/video/v1670954026/ 366 KB
366 KB 20ms
20ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1670954026/rcj7tcnruje9yqxqq9ba.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ce7f01c6708187f992e2a407454418e33e967cef13328b3ec95453ba3616190

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: u0.EwJSeC7FWAd8PEp_Stl8v.bIFAAMQ
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish
x-amz-request-id: QXZ9FJZWTFGSE1ZR
age: 96
x-cache: HIT
Content-Range: bytes 0-374337/374338
x-amz-replication-status: COMPLETED
Content-Length: 374338
x-amz-id-2: ttue0eniehGaRLPdz6sX0heNBMrCn24qec8MGDhGDSmUjZquPipGakatGzBVWlHAhGSPBpPfQQI=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Tue, 13 Dec 2022 17:53:52 GMT
server: AmazonS3
x-timer: S1671434001.895983,VS0,VE1
etag: "02fc66922a48194f5bac5c6ba3b7f791"
content-type: video/mp4;codecs=avc1
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 79ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:20 GMT

GET
H2 206 f3h4th311kko5yoa3yf0.mp4
cdn.taboola.com/libtrc/static/video/v1667038828/ 268 KB
268 KB 37ms
37ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1667038828/f3h4th311kko5yoa3yf0.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4abc9e520ffd17bffe460e8ffffd3b91d9dc009f9d96b23ae82808276e6c3055

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Y.w1H76x6Tcxk0xMPmyJf5mTSktlNA8b
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish
x-amz-request-id: X1DRN9V5YVPSRP2N
age: 114
x-cache: HIT
Content-Range: bytes 0-274399/274400
x-amz-replication-status: COMPLETED
Content-Length: 274400
x-amz-id-2: sxJN0Y1uo4OWWBgS1f0AQGp+ZJ8pqwOcKJ9Mdnc/RBL9oQpqkaYFWqJGmDrSE8kEycx7euZFBS8=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sat, 29 Oct 2022 10:20:35 GMT
server: AmazonS3
x-timer: S1671434001.908586,VS0,VE1
etag: "e8b99a65b540215b469998e22bcbf661"
content-type: video/mp4;codecs=avc1
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cd4d0fe99bf2b41a84d09c733abacc45.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 46ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 86f13151e0e7358db45cd21e0418c586699343c229a9075fc3a3a9c0d73f3562

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
age: 1790168
edge-cache-tag: 324233040780883209357923753771169658070,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324233040780883209357923753771169658070,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 460
req-referer: https://www.espncricinfo.com/
content-length: 14554
x-request-id: 2088cdd55b6401a3b09fd7a699df4ed9
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200055-IAD, cache-iad-kjyo7100134-IAD, cache-sna10745-LGB, cache-iad-kiad7000107-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 28 Nov 2022 13:05:25 GMT
server: nginx
x-timer: S1671434001.911222,VS0,VE1
etag: "f0bb9064f59dc567fa31944e94ab14ea"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 75, 1

GET
H2 200 343bf4b20a34637562f85a694cbd9772.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 46ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/343bf4b20a34637562f85a694cbd9772.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9e81862b36a6c69c4eb33e1c1526c44060c3d98f94fcf57801b8accdbcc1f71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/343bf4b20a34637562f85a694cbd9772.jpg
age: 4593906
edge-cache-tag: 313237940025538893548632864722362250450,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 313237940025538893548632864722362250450,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 531
expiration: expiry-date="Thu, 17 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 30944
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100163-IAD, cache-iad-kiad7000141-IAD, cache-lax10650-LGB, cache-iad-kcgs7200071-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 17 Oct 2022 12:35:14 GMT
server: nginx
x-timer: S1671434001.911543,VS0,VE1
etag: "311fbeb13de7a0c9557ff155bae4b044"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 107, 1

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 119ms
27ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 07:13:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 346406
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 575ms
192ms Script
application/javascript 54.203.48.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.48.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-48-28.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d4e2e9725ee16e81d98fb5ce1d7ca65f0abdb0255c709f0bb1beedb0e5df4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET d6932a57bc3c672a0b73ae0d14418d3e.mp4
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 0
0

GET
H2 200 1876bdacfa827147d3c97aaa19f2457c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 80ms
78ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8819fcb5f78faa81162daaee8ac5935a476a0cd31e813d3223e713d28c58184

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 24
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
age: 3538556
edge-cache-tag: 384355357410086004916290335446626268801,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384355357410086004916290335446626268801,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 863
req-referer: https://www.freenet.de/index.html
content-length: 3996
x-request-id: 683111cadfba575c7e2c542acd1b49a7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200177-IAD, cache-iad-kjyo7100034-IAD, cache-chi-klot8100078-CHI, cache-iad-kjyo7100033-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 21 Oct 2022 13:20:07 GMT
server: nginx
x-timer: S1671434001.941154,VS0,VE24
etag: "5776e4d76f04290670a35acf03a984bf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 108, 1

GET
H2 200 next-up-widget.20221215-12-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 19ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20221215-12-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dad9d8fec3272bfb8994109eec477795f9a07213a00d8a9a97eb08899f48d7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: W5KayeE_uWx4ClmwDzBNWX_MaEAUVrNk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:20 GMT
x-amz-request-id: CVP3SPMR92M0BNE4
age: 56
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4623
x-amz-id-2: ZNjGDjGUoIQeGN9t/lpOBHvkSXeDIqr9tnRD+qWbFU7uG5P2zTed7nQeXAY5crsIUoKBIZPyJrc=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sun, 18 Dec 2022 11:20:13 GMT
server: AmazonS3
x-timer: S1671434001.947476,VS0,VE0
etag: "6f07519def0b6812300ece796b791478"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 25

GET
H2 206 i4e6mcqdmllzr7bwcpen.mp4
cdn.taboola.com/libtrc/static/video/v1666003358/ 1 MB
1 MB 19ms
18ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1666003358/i4e6mcqdmllzr7bwcpen.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06713c81ab791cac2e344e6aebbe3983af163a0ac6b1d8917d329b72aa402f1f

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: HIVglB4wfW6ix1te7fePcZF1DftqD8cD
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish
x-amz-request-id: 0YGC735D2F9F2DEY
age: 75
x-cache: HIT
Content-Range: bytes 0-1168584/1168585
x-amz-replication-status: COMPLETED
Content-Length: 1168585
x-amz-id-2: xDASRZs6ralGZU+/gz/sdLiF59jKu6RSbBLT856STUH3Yet6Zc+2oOlghIxnMdLBe5GhKxY2p/0=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Mon, 17 Oct 2022 10:42:46 GMT
server: AmazonS3
x-timer: S1671434001.958170,VS0,VE0
etag: "d46d65fc657eeb3c552c5d564e1c3c0c"
content-type: video/mp4;codecs=avc1
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 206 d6932a57bc3c672a0b73ae0d14418d3e.mp4
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 3 MB
3 MB 119ms
119ms Media
application/octet-stream 8.249.61.243
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/d6932a57bc3c672a0b73ae0d14418d3e.mp4?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.249.61.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4565a34b0fba23d7b5b6a6471db6b633624f13f40723acda33cc310d1f4e3515

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 19 Dec 2022 07:13:20 GMT
last-modified: Wed, 28 Sep 2022 12:34:13 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 6YRRA4TR7F1F8QMN
age: 484653
etag: "81845cc6edba2f847949ed41c65043b2"
content-type: application/octet-stream
access-control-allow-origin: *
Content-Range: bytes 0-3024558/3024559
cache-control: max-age=5184000
Content-Length: 3024559
x-amz-id-2: Wg7FQkTR50n0fbWRFQXuL1F16WmPo3+hObyjdAJoJa5v0QqxOkItTbv3dmFZfxIR999tEo6mPOc=
expires: Sat, 11 Feb 2023 16:35:47 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b46b106890f0a6dfa93e08344527326e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44599779d5041ac8bb0c1c6bcbbbf575ae8b605b7e1a2c12f530df394d127ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b46b106890f0a6dfa93e08344527326e.jpg
age: 2917179
edge-cache-tag: 603493322396578724782104340508143570032,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603493322396578724782104340508143570032,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 46
expiration: expiry-date="Fri, 18 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.naehrwertrechner.de/
content-length: 5112
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100101-IAD, cache-chi-klot8100089-CHI, cache-iad-kcgs7200111-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 18 Oct 2022 08:49:30 GMT
server: nginx
x-timer: S1671434001.967593,VS0,VE0
etag: "6c2bb80cc45850f5fb121c8187aaa51b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 62, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db12c5ab7329ee7bcb5ce3434a256667.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f0ccb364748f2329b7efcf49212cdf5814ea3c0766d857e9596d11a67011c0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db12c5ab7329ee7bcb5ce3434a256667.png
age: 420408
edge-cache-tag: 308434332730523508869108564046463317491,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308434332730523508869108564046463317491,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 357
req-referer: https://www.freenet.de/unterhaltung/tv/bauer-sucht-frau-letzte-hofwochen-schliessen-ohne-happy-end-40442228.html?utm_source=paid&utm_medium=referral&utm_campaign=newsaggregator
content-length: 3834
x-request-id: 54387bae3ac7bf701262e863d2ae7018
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200146-IAD, cache-bur-kbur8200105-BUR, cache-iad-kjyo7100101-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 13 Dec 2022 17:56:29 GMT
server: nginx
x-timer: S1671434001.968534,VS0,VE0
etag: "5dcdfb9808a34a7d86baf7a409717e9e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 41, 15

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2617cc7bdd2c0876404629f7273a78b2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 875785701559e4d348ac8de0a88b94a5d3144023db70c394754379d2b6ce5c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2617cc7bdd2c0876404629f7273a78b2.jpg
age: 1612381
edge-cache-tag: 530341766772782077262192305332831042965,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530341766772782077262192305332831042965,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 111
req-referer: https://www.20minutos.es/
content-length: 8074
x-request-id: e506f64d50f2aeaf79f134541634150a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kcgs7200056-IAD, cache-bur-kbur8200108-BUR, cache-iad-kcgs7200169-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 29 Nov 2022 18:02:48 GMT
server: nginx
x-timer: S1671434001.968545,VS0,VE0
etag: "01378473b085af21c014453bc61f6794"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 149, 10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d293ba9fc07c07c462afe54e990adf0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f7a1fe2c0f70923cc34209e1cb8ab7aa4360d7ec803d3fc253448fab8f23833

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d293ba9fc07c07c462afe54e990adf0.jpg
age: 5169020
edge-cache-tag: 548774029861557713731336845333307917873,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548774029861557713731336845333307917873,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 76
expiration: expiry-date="Sat, 05 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://japaninsides.com/best-five-attractions-of-ghibli-park/
content-length: 9370
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200041-IAD, cache-iad-kjyo7100179-IAD, cache-chi-kigq8000119-CHI, cache-iad-kcgs7200054-IAD, cache-hhn-etou8220046-HHN
last-modified: Wed, 05 Oct 2022 16:39:13 GMT
server: nginx
x-timer: S1671434001.968517,VS0,VE0
etag: "a1d531a15bb40ad2da47063d3869ae87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 69, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_520,y_416/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac52b5a87813f675a7582a5f27862210.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b11b4f293c4988bd58896f97a7f0c6a3308fb2206e03517f21c3974850399e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_520,y_416/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac52b5a87813f675a7582a5f27862210.jpg
age: 418948
edge-cache-tag: 561459014560919635729163418381279732524,401646030651671566814839488103023260854,29ecf9b93bbf306179626feeda1fab70
cache-tag: 561459014560919635729163418381279732524,401646030651671566814839488103023260854,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 305
req-referer: https://www.t-online.de/
content-length: 10464
x-request-id: 2def0dd0be32037d972878191232423b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000059-IAD, cache-iad-kcgs7200097-IAD, cache-lga21964-LGA, cache-iad-kjyo7100070-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 08 Dec 2022 10:51:53 GMT
server: nginx
x-timer: S1671434001.969040,VS0,VE0
etag: "5e27092041b2195b03c0bc0fb6079067"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 21, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/renault_koleos_model_year_2021_4f6812a803.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bec560230f3eb8f86c519e45c22247e6594345c603220b44fa8f347a9d5c288

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/renault_koleos_model_year_2021_4f6812a803.jpg
age: 2405636
edge-cache-tag: 327951867313783671697627555497574507390,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 327951867313783671697627555497574507390,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 1054
expiration: expiry-date="Sun, 04 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.garage-und-carport.de/zufahrt/bordsteinkantenabsenkung/
content-length: 37934
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100165-IAD, cache-sna10736-LGB, cache-iad-kjyo7100108-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 03 Nov 2022 10:04:56 GMT
server: nginx
x-timer: S1671434001.023855,VS0,VE0
etag: "f65c73247ad4ffd131cc1fd71d0cbc54"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 7, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59ffcfa7e42d64921a4f7d94a6d74772.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e31328c801145f1256778edbb81c2b001364553db85e415063412361841bd5b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59ffcfa7e42d64921a4f7d94a6d74772.jpg
age: 2403021
edge-cache-tag: 372583711109974237291165818580236282390,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 372583711109974237291165818580236282390,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 152
expiration: expiry-date="Tue, 29 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.autozeitung.de/
content-length: 8564
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200120-IAD, cache-iad-kjyo7100137-IAD, cache-sna10728-LGB, cache-iad-kcgs7200032-IAD, cache-hhn-etou8220046-HHN
last-modified: Sat, 29 Oct 2022 16:18:47 GMT
server: nginx
x-timer: S1671434001.024102,VS0,VE0
etag: "e1e9fe764eceb425d75f78290a7ce789"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 14, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c427da116f15e1a8165b9c859212818e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6560e554062abbad56bfeb5dfa0098fb6bf9e8984b03d7dff3b20fd61ed42328

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c427da116f15e1a8165b9c859212818e.jpg
age: 2233994
edge-cache-tag: 479327500524472408980330204168579019108,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 479327500524472408980330204168579019108,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 517
req-referer: https://www.t-online.de/
content-length: 17174
x-request-id: 840568ead76d3281ed10b85a20d22520
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kjyo7100124-IAD, cache-bur-kbur8200085-BUR, cache-iad-kcgs7200105-IAD, cache-hhn-etou8220046-HHN
last-modified: Wed, 23 Nov 2022 10:10:39 GMT
server: nginx
x-timer: S1671434001.024359,VS0,VE0
etag: "a27853270868a6b4d33aa85b2d81b650"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 48, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 86f13151e0e7358db45cd21e0418c586699343c229a9075fc3a3a9c0d73f3562

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
age: 1790168
edge-cache-tag: 324233040780883209357923753771169658070,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324233040780883209357923753771169658070,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 460
req-referer: https://www.espncricinfo.com/
content-length: 14554
x-request-id: 2088cdd55b6401a3b09fd7a699df4ed9
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200055-IAD, cache-iad-kjyo7100134-IAD, cache-sna10745-LGB, cache-iad-kiad7000107-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 28 Nov 2022 13:05:25 GMT
server: nginx
x-timer: S1671434001.007175,VS0,VE0
etag: "f0bb9064f59dc567fa31944e94ab14ea"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 75, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/343bf4b20a34637562f85a694cbd9772.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9e81862b36a6c69c4eb33e1c1526c44060c3d98f94fcf57801b8accdbcc1f71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/343bf4b20a34637562f85a694cbd9772.jpg
age: 4593906
edge-cache-tag: 313237940025538893548632864722362250450,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 313237940025538893548632864722362250450,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 531
expiration: expiry-date="Thu, 17 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 30944
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100163-IAD, cache-iad-kiad7000141-IAD, cache-lax10650-LGB, cache-iad-kcgs7200071-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 17 Oct 2022 12:35:14 GMT
server: nginx
x-timer: S1671434001.007179,VS0,VE0
etag: "311fbeb13de7a0c9557ff155bae4b044"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 107, 2

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E984 13 KB
5 KB 61ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 21:54:32 GMT
expires: Mon, 18 Dec 2023 21:54:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5DD5 783 B
535 B 57ms
55ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1015286a98a864590d2dd5eeec4e9a9da904ed79010efc53da26ac9d5ad78e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UqeAFEnkmHKE_LoqzuXL8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-UqeAFEnkmHKE_LoqzuXL8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:21 GMT
expires: Mon, 19 Dec 2022 07:13:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cd4d0fe99bf2b41a84d09c733abacc45.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 19ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3d9dfc68f6695399d2675bac7930985e3099d615566604e436a04432a8bcc3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
age: 1788329
edge-cache-tag: 324233040780883209357923753771169658070,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324233040780883209357923753771169658070,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 380
req-referer: https://schnellerezepte.eu/lende-im-speckmantel-mit-champignons/
content-length: 6326
x-request-id: 588047bca0938d0e384bda740795a6fe
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kiad7000051-IAD, cache-bur-kbur8200026-BUR, cache-iad-kcgs7200086-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 28 Nov 2022 13:05:25 GMT
server: nginx
x-timer: S1671434001.035367,VS0,VE1
etag: "4852cb4d9052cbe698155348c831c6d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 142, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8819fcb5f78faa81162daaee8ac5935a476a0cd31e813d3223e713d28c58184

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
age: 3538556
edge-cache-tag: 384355357410086004916290335446626268801,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384355357410086004916290335446626268801,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 863
req-referer: https://www.freenet.de/index.html
content-length: 3996
x-request-id: 683111cadfba575c7e2c542acd1b49a7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200177-IAD, cache-iad-kjyo7100034-IAD, cache-chi-klot8100078-CHI, cache-iad-kjyo7100033-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 21 Oct 2022 13:20:07 GMT
server: nginx
x-timer: S1671434001.045257,VS0,VE0
etag: "5776e4d76f04290670a35acf03a984bf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 108, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3d9dfc68f6695399d2675bac7930985e3099d615566604e436a04432a8bcc3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd4d0fe99bf2b41a84d09c733abacc45.jpg
age: 1788329
edge-cache-tag: 324233040780883209357923753771169658070,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324233040780883209357923753771169658070,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 380
req-referer: https://schnellerezepte.eu/lende-im-speckmantel-mit-champignons/
content-length: 6326
x-request-id: 588047bca0938d0e384bda740795a6fe
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kiad7000051-IAD, cache-bur-kbur8200026-BUR, cache-iad-kcgs7200086-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 28 Nov 2022 13:05:25 GMT
server: nginx
x-timer: S1671434001.061999,VS0,VE0
etag: "4852cb4d9052cbe698155348c831c6d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 142, 2

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9B64 372 KB
125 KB 80ms
31ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 9B64 174 KB
55 KB 21ms
20ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdutFCHZrZzZOmwuOKhQw2Yvg7LqBbPW-WqJzjpqALFod3uM94cNFc9z-OA2fXsIuHwHTPqM5yNE_Bc20pT5BXYkgA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 55951
last-modified: Tue, 13 Dec 2022 08:13:33 GMT
server: UploadServer
etag: "848612c9b5fc41ff4495ce51cdc24e14"
vary: Accept-Encoding
x-goog-generation: 1670919212995289
x-goog-hash: crc32c=fdkd8w==, md5=hIYSybX8Qf9Elc5RzcJOFA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 55951
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 19 Dec 2022 07:23:21 GMT

GET
H2 200 / Show response
serv.vidcrunch.com/api/adserver/tag/ 14 KB
3 KB 496ms
119ms XHR
application/json 54.197.177.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.vidcrunch.com/api/adserver/tag/?AV_DNTCHECK=1&AV_VIDEOURL=https%3A%2F%2Fcdn.vidcrunch.com%2Fintegrations%2F62df7d0fd29282460c39aff8%2F62df7da6d292823c0039affb%2Fd6932a57bc3c672a0b73ae0d14418d3e.mp4%3FchannelId&veid=8d07283d1601710af947f7fb0b55d51d&AV_SLOTT=-2&AV_SECURED=0&AV_LANGUAGE=en&AV_URL=http%3A%2F%2Fultrasurfing.com%2F&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&AV_CHANNELID=62df7c7bac65d13f1813cc8e&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ultrasurfing.com&AV_DADPOS=1&d36=6.2.68&responsive=1&sver=3&avtoken=1092&omv=1.0.1&AV_D66=8.2.6&clsid=714d4b5b-89a1-4fe7-8ceb-89184a3342dc&rando=101&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1671434001095&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.177.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-177-246.compute-1.amazonaws.com
Software: /
Resource Hash: e9c97d4dc68be6bd48f1914ca8addb3e93afc70fe76211c02560e2290b21191b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 07 Dec 2022 17:26:41 GMT

GET
H2 200 track
servt.vidcrunch.com/ 0
70 B 111ms
111ms Image
text/plain 3.225.232.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.vidcrunch.com/track?r=ultrasurfing.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.68&apppkg=&fv=1&proto=http&d66=8.2.6&clsid=714d4b5b-89a1-4fe7-8ceb-89184a3342dc&rando=101&pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&stagid=&stplid=&e=inventory&vi=100&cb=1671434001094
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-232-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 container.html Show response
dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12B2 6 KB
3 KB 63ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:20 GMT
expires: Tue, 19 Dec 2023 07:13:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9A5 6 KB
3 KB 59ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:20 GMT
expires: Tue, 19 Dec 2023 07:13:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD05 6 KB
3 KB 57ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:20 GMT
expires: Tue, 19 Dec 2023 07:13:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DD5 0
0 92ms
53ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2492138058212635&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
145 B 222ms
111ms Image
text/plain 54.84.206.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track1.avplayer.com/ctrack?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&cb=1671434001190&e=cpst&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6
Protocol: HTTP/1.1
Server: 54.84.206.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-206-23.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
145 B 224ms
113ms Image
text/plain 54.84.206.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track1.avplayer.com/ctrack?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&cb=1671434001190&e=cply&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6
Protocol: HTTP/1.1
Server: 54.84.206.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-206-23.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame E984 36 KB
16 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 19:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 19:24:54 GMT

GET
H/1.1 200
OK st Show response
imprammp.taboola.com/ Frame E040 742 B
772 B 52ms
30ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&cmcv=&pix=undefined&cb=1671434001222&uv=3245&tms=1671434001222&abt=id5mc_vA!Noappq22_vD!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b6c03918-7fce-4804-9a26-0d63e1ca8a47&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: nginx
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-hhn-etou8220037-HHN
X-Timer: S1671434001.256186,VS0,VE10
transfer-encoding: chunked

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7B85 742 B
827 B 94ms
29ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 19 Dec 2022 07:13:21 GMT
machineid: 3407
server: nginx

GET
H/1.1 200 st
am-vid-events.taboola.com/ 0
112 B 63ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&cmcv=&pix=31589837&cb=1671434001222&uv=3245&tms=1671434001222&abt=id5mc_vA!Noappq22_vD!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1671433999193.6!ts:1671434001222&mntl=1
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 1x1.png
d24zb9qreavi2u.cloudfront.net/ 95 B
427 B 111ms
25ms Image
image/png 65.9.86.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24zb9qreavi2u.cloudfront.net/1x1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-43.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 00:42:34 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6184.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 07:24:25 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 23452
etag: "71a50dbba44c78128b221b7df7bb51f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: 9601rmZES8CQzOevTuXrcohHAaTfN-7sFsuF6c1FscZKQ268tYLFOQ==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BDA2 624 B
556 B 141ms
86ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYi5uS3AEwAQ&v=APEucNXwBJiDeWQPhloZz9MMlhGEkZI5Ejwyf5_BE-qhZwDl8VGJ7QLYW3YSneSlnedxe9-a2BlQRneRR9MGmOSRevbiQr98_Sw9LhYmzIr5TmDbUC7Pr75TqWIjBexJKboGSuMyvWyEqmNjRFw6FueWt4m5mxwX_czUsCsnp6yHcZzE2NK0YRBG9G2I3rr-BQmuFamfAJZzlMaWnmRVuQOBO6FtGtIvoQ

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:21 GMT
expires: Mon, 19 Dec 2022 07:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 12B2 28 KB
18 KB 102ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnwtMmnWJzvTZpIqA-4a9yhnQ8wo5Qh7u1wIqzJKj0BDEBvEyxOD9qPfw9dBhcDdu1O1jxrfSQJvL9fKCuvVMzjlQWSn7m3Rhyzh7wZuViAZTRr0L9pOhQKpcVO0Q0tiH6nupP8yKDVCftpkriBG2dT8TffhbzUaZ6XJLhjEiGeyDwmlw&cry=1&dbm_d=AKAmf-CsHgvjrr81Vxoxn155Hf-m9R-Fwv-kFULJ2wuWZhp6qzdeKDK0JZeivwPuQvRvqFjbq4ho3qGH5Dbn1uxUbYoYRupZ_GuQQQfoFsYp0mFT0DA5fBX5cyyxl2S3nahGqpLQ2HwTGUwL5ogp7LMtZs8LbS6x9MiYvbLGNKPABCS36y2Z9qmJJC6sZRhhfmcZX4NrLshICoBinWm3t6QfL88wLxh-OxsMfK4yeEI88kh_Ee_8ysu080xnfEqDUrVsY7cXGrTfdQt1jxIed3ebwoDYP-LP7RmE_IjRdEKHn-w8NOu4z79yyFxBzk1LHada3tT-NvijvQBJ-lDhfLihLN60L7bEqayCT7xgtbqSHF2QjRyAC_LrhlSk-qYIvqRptQrh9G2R4GZ-u22_tZkpsG7MbviLvmtxcPqtChtB8gDDLkhsjkV8HMSXqbtERE-vD3Lv-poYiw11QW66BIW8AD5EBxkodAUx7k5tQuyObQscDOoaWoEpakV0Gdx3diTryrx05TuSLRu48OsfIFoIBPkyJZLFXkojjAfRZCWkz0vSkL8lBeSmVjtSiE8T8BPngTEsLGIrTv8NLPOfMGiLNDda5v3oZPgX3YfbOOWMNHh9ZgGYXWmVopZxSX8uyC8hihQZdXQDwuCZ8iC-4p7HDv5YFh_qQnVuVL3OjjOSBAnat-t61QS1nkomK-0wKZ5yiIFsPDBVZ0i_x-pR5R3KN-TrkLiqIUxeMr1KC8NMUAklF4789b8QjzCVcpA-OPujPMhSSofjaHA3LVkWtRjZZNP98DHTfONSmL9YzEFNrD6dcbl5-JIbDbUw4NqA-mQoG8DHjck8vX58ZREPceASZt2zyvm0uEWkVjdErflW0KtXPWiK-el4b0rp0asfdFGD5WTyw1Y-L7zzu8fuPSHDib9Unfbnc7l2NhZCsjp8SwO04ytrdbofcjfmGdzEo17xeoQ-swi7jPUhmRcKhvmLMg-Dbt-z_OKvrT9HPqiIPLVzEqWY-N6nP2x-h8vJQ62NqvgzVnONrdPmWUeSrBr5Dsr3adPx0RwxcRGCIE3mXHo4kcH7xyTVftxPeXUWYvjQHZ3N0_W1SYOXwCNR5exzURM2VCvcm8mp-wOdZCPfD7sk9ZslaXxmwa0829FJyh0Te_IqyMA28n7HMPb_da0vlP4FInLdoLo3Q-b-8uZpUOBix5c9Ayvg0l4tJNkSgayyP-AXjv0VC6t4-WEj96ca-fWzYVrQbNB0l9uosoc2lvjCttiNGwqceWTyL9bYYwjYUXlDlfMV5gtfMXgWDzrFdMOFx5xy6psTuUqZ8_r27uqRosfaxy23vKD9sx4DgpRpNY7OIgVAlC7cp9T7HkSrW5zw2I3bKx9IT6fQ_ofR_tYmRELIrEb2Y_j9i8VO7pBD_B3QeiV3o8Pw7nPOivOEv-t6kTUgRKEKwxxNCUHIvInAhA1bIW-fF1Zj5w5M17Ram5TF08S2CjYpg5RPLPnHTcjzg5Xvd34O23NyUIE5UT0au4ubWdEqmL2JCJZK-rzzbg5jsYhaJ3xYbN9xwYvR4gn00T7MaVzgz-mFdCh9pFVqaUbrTNq7iZniuAcCWN3Hqlh4w2a_wVL1E0OV6j0YJuwa5oYeL2gOZbYaVHI5pbWSH1eW-LVKK6uk9zSS7gM7wBjrzFWM9-cuDdTyXpMKiPD2ERK_W0ib8rEzragCz7COyc_Qgkno1eLTIVQ98FFSVypNwtY6nN5x7j6lVWpSbtcWPs8nE1BMheM1L475JEJ5UY-hXPD9nkFp1PYR84nqDsxbo7eIYC-rD9tAmLrIwnvgNmUR_morLjtHZxhq3t6Vj9_OoIv77N--RKm3LKew-QlcM8Q5VxTU8wu1NCohHS3HutG-BR36fHWb0UDLUr4FRMXQ7Ov01-OvDMWtXzxdF7OGK3jFxvt3Z7YnpJihDYmRVfdIl9sH2kEooNuXZgEeHlvdXZcla24S6gVliGPeRaWKwIicKah46DnOA0YmY7gxeUOWcrK56X5Tgj15wCiFcxIX0ulGmb8AwuNnrU9JgBC_2m37qZCIpCtHyo4TPs4AgvmnqhGPMZUhG-QXhAiqGPq8ukTL3kx-BtOa0G59Bn-t1MfhbxPYnRlC8JVUguXvC4ujPFsgm5QyZUtTuKtMM5lnXbRnprGodukYdapfI1LVvSUWLbYf3zrgTzr8KJYEHYChDoyqvY99Ky7T0sRUmLfU-wip-MEDB6H377N2kGe5mMksg6_tEY-Ku6oQVSJEFnKQNOcYBSSEQSOhDA_NGtNV_GD-lCjwzGmhEAMlVwf60_Xk8c0X9SR2vRcvYVABc2AYuWiEpoQDPg86nMcKSXuHL8CxU9s-MpBZ9FquZPHoghqr23isf_t5xMgnBybw-J-_SJogD2JjadSJdV70f_0M515n6qOIPEQeLx_bJgxKxrr-5WroBedYSNmtF9RNnDZEvOKf1VHjkWiSQ2hkFZYvKZw7SS6MWnVW6wN-gNR2LhR1knESS-8LYWkmSTabo47xy9KBj6YX4NHYS5K5TK2I2vLebNoIG0x7gWl6mDJFo9tHtEYjWxBwKYv4ADxOBpo_ws1IZ3e1SXZzQTQSC6CS6N5HVrzR_HsZ4aTojdGCw8O5Ef5Jo4qbhxF4sg9vheCpkgVAj5E4lXQ35XHjJ_dNMIH9Ccw0JMvHwwnbFlCsIBlGXtEkAS0o9V-bMTf3juyVPqm1ja47TAYtOD-I7k_t3coyVscTKbTB9zLU2yG5EroD2nb6vBEPMTGzRChRHjeFUe1d6tcVeSINvSXZZ0IIkDAImaixmmb8bkr6zmS5Dh8gti2ileDqeN-EP2CdzYVLkgCvHkORdXYOiY6hx7Xg2VfdCaLSObGGLa1sPYzQKJ_8jDqW01Hgf3xVzXeRgxjFuoNjdIa9kPGl0fIg-blTDu3OBBoVNJmjCwtUDFouoGszs1AUNgbBLN_Mn-MT7kkjkwJgkI-1qCZA0INTjz8Kp2jnyOnM6-gEJUzvoOpqY_IvbacjxA44Fbf0R-RZDAg_Ln6D-VsV-RegK6vJWWzemQ2TpfE4Fzcse6eEmyzNI_lXuXHRPmanwp_Uka0WEoJWpMig4R7WI0TraO99K1H_umC8A6myiv2yJO9Gy2Ni0HxQ4NJcUgmpb6P4ttq1mFSfWbmdQyByDKd8P05G415Kk3tOG0TqkmMtsIRiLvP-RxRnT4Qlw97ruTalOUZiudS9HxIWd4rQ-iFNVeC5yVv-p5TYNDY7Rg9Ww9T4SwFuO9sUJfSEMQEBEycX5eJ-kDjqt6uC3FH8jpsvXwTU-G-UtYhPV99tq1Ey2AKRzUA2bLwbBzDMMYB3gz22yR_6f0YDdmWnMDtB9JCDsEiggjzI6_dl-l_kiVkqZgGKjIdRitZlkRHSgntoF8utgEb2DylNaQEgPNq6yZ8WgV5aWbzEMXaSrGiaHFdpY44Y-4qa_Ei1Ccfkp1XYhy15D8lozKLX_fzuaACd_atuETk5x3neuiE&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&rfl=1%2Chttp%253A%252F%252Fultrasurfing.com%252F%240

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4005c2edf3f933d063b1625d3ede75d192bcc7e48cea7e03c2b96889fcb9790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12B2 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_YvWfh2Fy_cpl3_pKm1LquLi9nbiLR8n2AJonSlJ8gvbTRnXyXc1ZBfDyrQtXa6S8CEM9TWnSv5UHWF7dkwP_WaC4jKUQ4t0-rJD4qubLZpUeg3o

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 12B2 3 KB
3 KB 160ms
43ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60228056;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=461671819&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjOyDEA-gY4y2J8KJgAfD36S4DI7zsMZr67TO1PYQp-uivcABEAEghveGJmCVgoCAoAegAZH-0aIDyAEJqQLOG7AQ3cKxPqgDAaoEmAJP0IOwDAHXFZD9-nHvruY6h0v7br3f1Vxy9PGSMCJyaghqU4o0xMJzdXP9rlSf9jG7i4ev_3NAOI_8EhhRgYOn-o3vq4K7GLR-5ccoTetPba3jMBFqFW_C0JeQZ4PwO_UOhPzmKHp24TNjX3nRE5JnffVYYtlQ1pKzwU6YqHA2HoP-3UwgAQdtT35l8A85_-2OLuXi8clC525MPvgnNTSd_dqXuDUxwkF9_eo8kOpqd9Qx663lHxJsPmY30OsgCYsLKs9bJVDwK-vBciKY61yU6IRVdUObCBaVWd9-tLCOSepFo4yHHw9YwRCn3iORzvOjKd0Xfcik67Ri24fHUCP22NU1YI9Xxch5lPogyUYeozdbsE2q1BUCwASMhvDmgATgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE8_yshHQEwDYEwrYFAHQFQH4FgGAFwE&num=1&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&sig=AOD64_3NUhFRBdu_B-0nsWjCRS0ZyEH18g&client=ca-pub-1062972861553303&dbm_c=AKAmf-CjHiNNncbFWJODAUd4AVfEVZLoGhlYc9bsIZkryTL62_XLesTxU7uZbveGE_rxO7h3FtNvXjHg1ot_iiCPnMp54kQSFlIBkgS77W0OhyvSiy2f4xoLCEglrQOaUk3qY9mkkgs93QHBYmS58roai0hsVXMsY46HorOUxp_IQIF3qrMAkf4&cry=1&dbm_d=AKAmf-A1YDxT_FI9N9Ds7TNKJU-AYeyjteX1XnMPqRA9Iicy5Nasx2X1qISCwCpmsNO-WIlkmB9u0gDDSFV3pmka3hDjJMvyn5kV-RYP3mKdYGPSXgB9g-2UqL_Z56mNMqYfOwpAc6PHQ5UNSLaG7Zrb80uYQyRe_UXYYzMM2n4QGoqJPhuNSTiZq5Apn3gOm3Rprn3zu-UnoQpQX2kn5n8r06LJ-9EDx5xfKkJVVkDnedGDSY8XhFo8nA4fndQQzyLFZUo6g0rhT_uLduE5kucFY0Q5U3IBicEubsSJ3ymXb3P9C9HwDaZRT_SebMURPvXc2KwllTFxb7jOnYCMwalmqE7hxm1VfuW51OCfgtb-cl7Bhs4VgiKDq60OX1O7oHdX1WaYgc-kkU2VyaWnm6egA3OvG50B7mcMQsHxWOiBF7yzE0iqCDSJhxgcRpKIgzcyK5DkxHAnzWQGZJMUZGEiIth0WISfN1Ryt9TAgAbA1qMMwTUdLISsydZxws5GsmyTBap0rrhO8w-jYSK5KsF1hBE8yIiLIg&adurl=

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5de08af4f8821721309f755d78dca77375967d979c179560f02824ab1f86bd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2856
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame 12B2 43 B
1 KB 130ms
35ms Script
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=461671819&rnd=1671434000645900

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 19 Dec 2022 07:13:20 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 19 Dez 2022 07:13:21 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 12B2 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 20:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 20:52:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 12B2 18 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 03:16:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12B2 153 KB
47 KB 84ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C19C 624 B
505 B 140ms
89ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY-uWz3AEwAQ&v=APEucNVybArU7fe1G7t9PFNZNXIlnQcRXd0Wmn_BreX4T1Zb6zlHLXwNt1RK4BzuikuClCf058grzJDnxTjPkgLRtwVzCrzyUab1SRkLP9OPXZ3FV69YtCQzwbtesB6Btbf3mxaQQjA3taus78U-XyPVSaplVbGS5e-J7BkL33y-vjVAKHVgf7fwbV1vaBgkib9d_4e0CM698U0I3tYWrwxXTt1sl8ytBg

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:21 GMT
expires: Mon, 19 Dec 2022 07:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E9A5 81 KB
34 KB 111ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D70bZR2_NSh5UIABXyNTkiPCYgyl_MK7HPPTWtj4fP7SaFy6hLNtHx-WEw-6FqcozB3M9ykzb6SJvJ7n2aZjRVYn_zQg&cry=1&dbm_d=AKAmf-DOWOuiq3MSNozkAx6tr99lgePSA0T7NPvK-tgegf46gLjbJhDkcVYy3xUHirfErjpV9qR-pWC_XfEnIxzMfsf1ph_L3nqNWcxqWfSRBR03jsiM668IQhPzkNgDuxrHcRlVe1GT-B2oDw9beioKc-snXQM4E-wY1VqT4RYOTVYoh9RwFbyQa7UpPYv19GsylGxI1aMFwaGo4ZPwyPqyfFLZ0CdUS9E6-oPrrWeRtM-ibXqtzVMYmIuzFkafpfJBjGEWhl1AACBbZrNirS4tIBqxJ6B_ar_gxcjGsyh7bYa1k1CXesjpxsy7tVzdZne-D8LZLNpoJvFrIgQoYrOXVxie2XZ40U5dKHxoVlhZprf1bNAdDget3fyy1gcVgcJo9R-kSKUs4LdOwSBf5_o6ompUDU_ODElk0VhS8295LIgu4U3LCjix1VlONx8YdVC2lT78BzUrYgd8rUksgAPtBrHqHb9EksWhoghDuyaSRuNgYYjvkiWpTH5NF_zyLYVs33S2irxZqzPrBBHkn31SUhTM6CmXRnu4oAX2w8PaE-W7xZvRrplkI_gDEjFuooR9Lh4_QBVt0WOb_hjXbMqmgoBScJO_5nYqdLRxPsgWcs92m_Vw4ii8N-j0QJh-Ye-usiZpis-zgiowkInTABR1kP6p191i5sBW9MQPHe486PMQudxJ8xCN07GRSlVV7nIY55FYGnQGIzrbqWuf_DVE6FnW7khGuC5AKf5utweAd3_1U8Ct0HiycM67xUvDam24MYklQ5DyikEZfOIPq0erDbQ4X4KLv-KGqFTBunvUSyAJad0AoBIzDiPtfyvsy9J33bMYmkKlE2aixlooNUd-_hpoVxhfVA745AtiVINfkXP3JTwKJzL0vVcZ2bZ4VqR6pOr_VVASDPmqWd7scvgVrJ3JG0Z_BPSOGqu82zItiF7HZiAFW_lAeFIwVe5VbuIt0yAvNNz60ImFFx4lp40k40D44fdatMrHDzQO1v6ap3F9BAXQOV9HYVXE2qK9LUwilWTU3VljkDoUNtLfT6rMZk8LqBwTVoREdyaiyX_ArAoNtvjH4XnNJHBHtU68X3_ztKN2eW0fVmnp5t9DY1_Lb4d5Kgv2oL2uq_pWyVYURfJ38En6CtGI4ksP0L-CmkW2tp2NuT9-57y8ZSXtf_HTWHByWZHc0n6cmbeEJFe6fiW-ku0aKm2zMTgjntIHdYHYJ3CtcTrSVhOgBwKU1c6Aaw6jPvyunYhL3mG1teKMIExUT6OQW09AjDTWaWDiLxCaWX_4yF-AzYQ7WuSH4w0ovIwU-C7LwHqmJefOMamXqZP1zqlDbh618zeRz0wjBitSzV62rKmGUzDUMcJItUtiyP0WPyj-jw-VUDjEkjjUl2ikiWC9--P2ZZ9P9ZF8P4-0tnTyy2LFCOBUGUV44Wh7Yy1PJdfM3r4JzT5kT-OHgwICqLi7sKqaanLYOvvom71cz95blHanKd4aYGrphEjOZjoI0Fyoa5VE374QgP3SzI-6pqh2nKa6jptz1Ly2AsdVONClkEtIzlvgjQjCO4y-DPiqi3YexoTcebRQc3Y8oLOf9tFW8ICiuDYipLi-r2JSFCn0IlW-kbi70ckXMvV7GfAQEAoK37-1YnPOd_FYQyicMkId5Q6Rf7lI371BFqpOuitYcXiQzO_9RBxdWi4DTbmojWERraPmLocKJedwG-YvR1EhXeW5dTsLSrNrsEQCye7QuW475uPiBsQIZgBcHr4Au7uD3o5eh9Sul2jW-q1Wmn65kldU-Pm1NybBg1chrbvZrc2PqSaT3NvfTKJ3E4qt5KJ4Bsy3mCxF9L7J6KMb3C7DZokRTNc2IIkI8Vc5TXRsxeVcTLRQo2sSt9lCKE3b9M-UT2aUfSqMia7bVuepfiOA0MH6SklWmA7zN5r2mMLYY14XVOzoK9AaBz6AKjwS-EM84w-yqgnjTJz7izQ_JXz6OMiBnSvoKegRDrxyoWVCakDrxZElfpPmfNwNu320n6uct9yw4QTowbOTM7Pxb3r2wznUBZCjUxw-tX43fkad2AKwQfhe0hA9Y0-h1XuwsZW7VbbKN5xRgfcW6queD7XisKopogm_Rn8LSPqGXAEyO2ENxKuNtxeaLWmc2EqB4Xx3PGJfPdnuztXZ211S5vNEaG1tfbPvMyVxHxBZoxt85a8Is3KUmwzWdsyPnzAHsdxP-LXmh3nxJ2QVvc5I17D830q7JG7bE9pKIX2SCMaDAAesIo0m6ZNOE9VENfVW2-zI3EpzZ52jI9HLQoTfGVSIX_yUkQINOGo5Jr_YHliUEPdFwN3X7EM4_Cyf04eg1Pk8BEfkEXco-AR8JMMe07a-Si5VBXhc8RNhABHPHEMBbcj4Cipha7srWjGfNVxtJjqBFpYhSibd2ZYcPue5npTrk37u1jmG_e0WYHhpGRft5SSxayJlMKQ3tNGoWxjM8oDipPEifnsqMmZJVt7KkanP4dQZChVCTSJUytM8Q_FJlst2QW-MJ-nvcjfkjfCvlW_j7yNX2MMuwsvWAVehHy2pXxSTRqJCANa6iTnBNWMdc0qGIcN1EpSC9c8J_TPoZnb_B8x5SsIn_gsFxPnA7XAttRUEvXFRDZ2Qk1Uhy9ivp7QFHt-8XXeUdI0GAPf7OL7N4cQmSpLiad_ZclRd5BP6fnGjunrLnLaa4NEstM_jOYupA4eoQMRS3AHzujdEAv0G4B_wggB6sCXCDreT3dIiAq9Z_brnUNUtd2iHkRxSGeNk9sa0zD0Rtjc_l3MqG6uYd4SMjoIOYOgSW_bN2HHr_j34F99WWJRJKqmMmLZZ8imvu3PcC-C2VTDiqgPKFPwAY9YrQaDAc442cOWFvGWzNogwAgYZycRfEMbADByF6lbEz6XWumPpWCpeS8PuWi40szSTHtDRmxSfNJsByHbKhxr4Rubj_ni7BIqwm7x_TtFWbGeRcOtf92UncH2lBsplDW62xPw4KZ06ezNsvVDhdNV2_yPaseqNwqKeyMdzWjanQj-sLr1HxK2DKgW76JkMZW--Ncc-yPRfOddgwXK7qkeCBAxkdPOM5ci4wuFiUqE-5OJSEw1r1LalJis32YjQ4-oDhpEASAZx6892aLfNmNVTrRU79-YSCdcZ3u_Ncf90CElqIPiYIsMmg3fx3NrzvC3rZujaL61t3HWs5vMIlwhhEBkEo18MbEEEp4Pg9k_c7t2FspwLOspckEHnj5llEAOMKAiv5ldHvIDkzphuG2ppvJI54b4_IGcWNCuBNpREHUzZQsn4rpc6RoL5renlWXWnwcTVFnKH4DywC4t2Ox_ZUz_VpEqSgB4Qe_j9Ld4bGb9HeuhQ3JogWSPC8lQ3F2B3Wu4Qn9f7Fv1ppiq1bN0&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&rfl=1%2Chttp%253A%252F%252Fultrasurfing.com%252F%240

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db4e259a48d171f7453fe13cac5a805f065c2b20e831d7cf86103946a45bbedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34888
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A5 42 B
63 B 52ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Av35FMd63Hfd3t7xgNbu8xLZiKtmcvQtVZtYdV2ikzqDCCMSQ4SV7BQA57hjC3W_jIkm6KKsXncEnKtjO6FkmFlXX5RRM1T86umCUw61661IRK0Zg

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E9A5 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 20:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 20:52:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E9A5 18 KB
7 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 03:16:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9A5 153 KB
47 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ACCB 624 B
506 B 135ms
87ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYvcSW3AEwAQ&v=APEucNXTBm-rzR6qNNbvw6rpfd7DniRIfLDWyel4s3-g7w_nZBIENiuGdMrZNNqLxqVK-n6M3b3kh18loyoQH0p0EjdhFekqZuKlS6lGWm5o3Ky9_Ej5MedNHVPFu-rZC9ZV9U8NzlBsx9PO1LHWWV69nHoSt5aCpH_miTuPYIrgRTtIg6wdEw_6dV3cxLE-mT-bUFkzDaME2-uyugQ6azLVYpLZPPADQA

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:21 GMT
expires: Mon, 19 Dec 2022 07:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CD05 28 KB
17 KB 127ms
82ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AROMumnU5DBb7aP8-yj0EzpsLErYQXPIXbLyy_eoKgcPD0MEqllW9s1ZWQsJLxZv5l0GG6ejKmwbWaXJ97-h8zJFOwJS6P0XWM7rytzsCpeNxKfi4Oim7KLTaIE3b6UhD-q39HzuacX__Rh9h7mqUCtvXb0ylmqru-WLjGRRj-TBlcQzg&cry=1&dbm_d=AKAmf-CYyLzPOqw7XOivM1yfNDhsHNIF4zW51ilab0DZzEeAg1-Ro8LxlVyWDTQQD4yU8oylVyOWGgjZ2173FfsQArKiDhdTINXgPROrllnKMX5TQ4_cj-ScnVD1zBbRnoHFK9Ctt4Vr8Vizxe4WydyqdxD0E59wV_vs4i1LvkzUmRzqIPFg-GGSRpuVoEEtr7t4pbaGRKJYF9cEPxL3armtfWygM8Fry55sw955o4fDqZe0u6PnN_CyHmYsHkAMAgpQsRd5IHPQghgjT6PXOcK1Oa0-Sd-sZCX3Od-Q783lMdHKAcYIiIocfJBb4l9Q406f4mIWKGcoijjMwgUFQM5Op9y4Cl4zfNwdYX28NxUo8ONib85pKlvfC4Y6e1b2-aOtwwCt961M-b120bkt2jiU-PNsSs7AEjpz4bHN7LSfzWXaYqmxWVRBZ9b923FrmYHclkGeqcJRMx_5nQJLhffpINBSXBvk_mXliRbj7b-rLJaHxbyopNOI5tEd81ehw-OJ5OYHj1Fhu20TfRIAAcyrLxR5T2BDesjM51mH3AHLYjRARwCjBMeI7viiPhtFbtijvv3NT8suEI6TSwdAR-EGdw0LCrhH9JHEgGSSR8iB-WhjC2mpSJ3L101djpY_Gj2k84m8rD6an-CighczqGECpQ9UHZHLwVacR4R3O0aYB7MiJ9KDc5P5oKJHrH5GenMoVsQQADqs0YYwOjz5fXOTFM6IwaPCWLllfDkat5R7QEOflvqxpEP80bwGtw6nfafDbdSl_rnYz7AZZ8d1B-hl1aH6PUzkDfnkR44oAz6XBwzK7FajT9C2Av9g70GzlWM-uGEyUrtGd0zwTuMBRqH7GSf3heKP_LWOZ3hXdphTH1Vko_uBaXBkh6f0c32hdkCuvmsWJBk4vTTjCc-oSdcwcmAO1cFnzJG5UjYzgmUWLIe5pUEYlDDTtXXKZmbOaI6wnCmutt0tTPRO7dUXrWV6FjNlnPvwiA43S1cwALjrldabELocCJZyRxI9Z447VJX6TX631vqC1zei1F9I0FUwo4i3aeYA9QV3df0iomw8eMa5LLZI01fLKs5NnGI6gDeT8IfB1Gy-ysHbIuwaqT5elXoJa14xLZeCflIJcrvi9C1S_YmHn5NYLKBGLCflABghPb7sewLI-NSXNTOGFC-NSqa3_Shk8-ClD0DOVh1OS3Zxa_vtUC5jh1RYAtyFA8fjCNmi1xkGiKi4lim6Og0xx0LDApqSREMQ8TOT-cGubFwR-bHX25s9bGU9RSZPRp5Imb2zGWO40vz8db5Joh4vSmYBlqyhGPFa36ReJZMYC0E3CvkK0ixDs9MTa97mSkelOH6PAtIzFMBtr3P6rsyDU65EvjkZ9gCS3jij1rWcHWbyjBRUySdF_zlJjrfym1newC3FxfPLKCzWTw12DMuqcXVprKTUmWiIR4pr5lErNywT8xgADV1lMG-DzA2MboTNFT5ptKg0koQbs-8a-rvnjznJJdTsMhhI2zo3frKbdb1OZrIp8m8CRTzxtNmDLd3xRwgkl7E9R-l3ehsD_jW_5ubaI_L3JicRbclzopvvPXVjCm1dBAwG3iKrVIr5ml6BL5PQmyvbI4acm892P4ZrquLen1URvUXwdnb9wJ6blIMNdUbbroH5mZ0P0wN5_Bl4iI7Z38Mgorpqfzr915luFTsEtbd0AIt0wfgT7az6yB8FaK-UkBdS8nNtNqiOEMt6__M1M2T-fEwR7mfn6siUmnK93hZ2j-QWZjdSYfmAiKpwMHoCDEl_ETdYgHSpttDJHgdarZTOQ_-JrVlaws3TT-1gomHHZMEXsH_lj2bqjlZlEGmb7t80BZe8CvKeJ1nug6kGOfOyC8IHiMkUyBXlZBVuCTp5nIRjva6l_wJj6LPyKKTAg3Ae6xYALro1i5n3ZneY9bDxgtKOkHYn_EgR_FJf0OuW3Bi9GwsuNcYzuvEQdpMi6Xc6WxQwCAMXvRoFKBahzwqIAeE0wf6uVmLWW5iMfe8xUfulD4vHnMMwG5WjoXGgDF1qIv632QRtSs6UwZ4bKjdpTT3wPy2UFA-bjqdleoHeeWnYxG04tcMoGhxKraVtQtV0XPgztNiB3FIo1CqEQ66EqyqTiojIbKAyaZ37VIfaBZmiF2hFvRPL7Psd8lgil72Cr2lGQk1C7OhOiK0qHUOE2n5j86v3ZoJ86SqrqdwkdsmzlRU-n2hNCiz9vPZLawEzracTNtu3W9mma7lAxFjBDwVSUMOLz-xzAOrq_k0FCrmchn8jttsRBUlpdl1hx434Ti1YJZFnzcrEzxHu3JU09QuWBVbRSZ_RusNIS8FZ6vCts3SfYZnpVGhKxeisR5QaC-dPkEwaSUfKbCaWQf_cRyvLfa6w28l1i3_rhA35R0a60xMl5pASvnzPjpuTk2zn_x9RnGkfh0C_Wa-LyZHX5XEpxuoAoMPn7-paUC7A14leSfQ1tT5H8wn2hbzDmqdBm-S-BVtkoBx8ki2oMMqxYTD3nOj7elPfVFaTuN78QWfZfCbCpFLdyuBbQrpEEBqM8TgRC9A1Wks6_F8hZBmhMdsjstf6973sd4b4GX7z9H4tAZ_kRQ0IjQuCJram2HfDyAComvfvo_ManaQtVmbNwkpsiZokKUqp1vDm5UOc9l7O4m7waySmh_J9FhmDwVlBSUbDBTZD47XUk-w3IU2_jTG1aKTr45TisvRVPNQBmLK3cV7FDkuoeKyBMUNh-Qb65Nji_VKuiVQPrZp3uklrR6Io3TRl1C-rJE-5W08LCQJ8_YF7ImFaIOCFcQhVESKReLfxWGKOdqtS5HjE81vquVB-tgN0z_kc0vY1HYD7zQRfuuEEUpy-ggBKz6LhpyyFl_3NP28vRhdb9yGFLWv6hbh0krfN593Q7p-Q3iF2RR-CUZGpjrVNzexNDFfsx5zSLBO7KI7VFqYOgT9gaiN4U5vLxO2i4QrEmSJlCacvba9I0V5Z08AVIoSkK9v_RCSj2rNso8kTXZXD_RZ43GqeJrdF08Ukn7iPRKE7T_g7PEC5aIBd0muqF7IFfGYDt51-XM18N63QYriFBpcXrXVChkUGOZINAfqaKtgqxtJH2EuTSKpqBqTsnuwaejlAo4CwllrP4wEs-_ZBgYBvgvgO5X79XAoYz0TWKbR1kc-xlkwDQ43q_xOwSTYKGfwtrcGwGvGCtDV7VIoIpC1pElX7YYC_yX7kOVy4ehbTr15AGLL12G1hf0-5QwRhiCDS4ih2IxBo6zMTIvNSTsUnt3yAhC086nOlmxrKecluy1vAK__3rBAoSsBU4o2IVGv5scmqjIACppb_E50yufy6ZillnCyBcsR_4T3nqe9wiRN8KMTwjcFG_KOrMzFMOHObGXgKAoPt25zm2ujqjKcectiL4XVJ-JjHmHh9cKV4gwg1A_cnJPAaz0esRuYIUCiYsHJZ6Xy1DvX1QdZMpcEt6DmFm1Pn3Y0DlOk9e6QIPFkGZFO3zkXQC_cLl0tYgg7Dwhw&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&rfl=1%2Chttp%253A%252F%252Fultrasurfing.com%252F%240

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5467222e311c26f6bd8fb4d61f961024c95b3acf6e5faa915e647b16bad7a6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16945
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD05 42 B
63 B 54ms
52ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cj99-9-PyW_XJGAqg6_adPliqqs_ckyjBA1nDJ1WKwuTQ9T_kvYko5mc24B4IP-xB_33ORZRXim8v4Z2MVkO75P3flNQzDR8yoE8ON9d_blF4fYgQ

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame CD05 3 KB
3 KB 155ms
44ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60244283;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041625256&extPm=17041625256&extCr=461742653&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmBSnEA-gY462J8KJgAfD36S4DPKR0cZr14LFrt4Q__WQ49cCEAEghveGJmCVgoCAoAegAZH-0aIDyAEJqQLOG7AQ3cKxPqgDAaoEmwJP0IVxHrNmnWYU3OF_3ZrxdStsH4Kd3eh2WToUg-b4Nqno81LyRvGBuPIXlaSZhmRuUSWeGXiAKOT7K9d68iOhVFtWHUsk_TqyTENJxtOVhuU5SSGsEuwdgXvrW3JCAJIpNywsBOW4dezba4t_mpGsEcJOkNkyN4W5RLSTQA__NjHAFd0i-s-B29a5zkgyqr4UR4EOkAemeEjR49m0bs6FQUkbGv2o-0RvkrQw2HY2RwuydxoAGVRxVPQuu2pS-49jgEhNKkbK10MDV1mSQ_lrpDMf5VBQoP_zyIhowa5a1exwzAbKeSlBnXrkCJ2JgY7bHm1aYRZj9HXd9WcWDEEzw3i4y2fvSeIJZFcCQYDRaUGnMRWF_EbrcrN4wASEnJvD-gPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7T1shHQEwDYEwrYFAHQFQH4FgGAFwE&num=1&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&sig=AOD64_2WRm1wFclKDjSIcNGVgYLSilMvPw&client=ca-pub-1062972861553303&dbm_c=AKAmf-CzT3vxJuxpTBYaVOCEHjk3lBSHNu3BTGAOFHWkXhBCrnHeBH0k60-MwEThyay0MQ4xrU0FfMvSyRMoiXkFFXJ1T7XmtvYZfinJyazRjwreI9A8CM5z79z_D0Ds7Pvyyxlq7G15qhT7SA4jz1TVMVGg7hJuHI1NXPTyZnHV7vgkXcHEiJM&cry=1&dbm_d=AKAmf-BHkUZWKCs96uqnTb-mq64HZfjvf1yB-oV0alYXes3aVWP8qsPceUxrjXqxmZ016j4uTi6EZbajm_KlJ_iPM_DIWShZXexTrh4kD9vlZg7Nf-SmzHeriPbghLWGET7YzsaATLqwza4McdStGyNaCA5E8xN-GEiOLY2Q99zgNPjecSzA1wxLCLWCqt6FHtkuRQvnOmb1aqr_98vkAcOM5r-hvnvsVlwESdLXqyHx1-8XZhoii4qt1UmkIUc7SUXxTQQ5Z1fbZPo6tCeK-Qs-gYDswqSYKytQdrIFtOfwXFyRUjcoN_GdKxEYmaLl8rNKazrTQCkkTt2xuAmoGeyYx4F_uQ7OBh_hzMtM3ZQ98RhzqP-nqd6pLR_b88Mh0PhaZzKVdX-kGGYnMy-5MjxTkFM6gx-i0Eh7GaLmHypUoHDJZ0ud20WDu2CvUGwJRm0wfuaSl2n5vDTiQ9oQpGsI7OlK2oQbcjmLN18OosNKr9QI6cdvrdsGrwmYlD-jWMHRb2fel9pOnT7YBE5VNyrKToucfkFmxQ&adurl=

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6d976dcc0412d5aa62061b3571cc12e3d7376b29b312a5752394fe5a6f362431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2852
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame CD05 43 B
1 KB 120ms
32ms Script
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041625256&extPm=17041625256&extCr=461742653&rnd=1671434000645902

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 19 Dec 2022 07:13:20 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 19 Dez 2022 07:13:21 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CD05 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 20:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 20:52:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CD05 18 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 03:16:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD05 153 KB
47 KB 105ms
58ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
H2 206 rcj7tcnruje9yqxqq9ba.mp4
cdn.taboola.com/libtrc/static/video/v1670954026/ 366 KB
366 KB 26ms
26ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1670954026/rcj7tcnruje9yqxqq9ba.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ce7f01c6708187f992e2a407454418e33e967cef13328b3ec95453ba3616190

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: u0.EwJSeC7FWAd8PEp_Stl8v.bIFAAMQ
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish
x-amz-request-id: QXZ9FJZWTFGSE1ZR
age: 97
x-cache: HIT
Content-Range: bytes 0-374337/374338
x-amz-replication-status: COMPLETED
Content-Length: 374338
x-amz-id-2: ttue0eniehGaRLPdz6sX0heNBMrCn24qec8MGDhGDSmUjZquPipGakatGzBVWlHAhGSPBpPfQQI=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Tue, 13 Dec 2022 17:53:52 GMT
server: AmazonS3
x-timer: S1671434001.313209,VS0,VE1
etag: "02fc66922a48194f5bac5c6ba3b7f791"
content-type: video/mp4;codecs=avc1
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 f3h4th311kko5yoa3yf0.mp4
cdn.taboola.com/libtrc/static/video/v1667038828/ 268 KB
268 KB 21ms
20ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1667038828/f3h4th311kko5yoa3yf0.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4abc9e520ffd17bffe460e8ffffd3b91d9dc009f9d96b23ae82808276e6c3055

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Y.w1H76x6Tcxk0xMPmyJf5mTSktlNA8b
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish
x-amz-request-id: X1DRN9V5YVPSRP2N
age: 114
x-cache: HIT
Content-Range: bytes 0-274399/274400
x-amz-replication-status: COMPLETED
Content-Length: 274400
x-amz-id-2: sxJN0Y1uo4OWWBgS1f0AQGp+ZJ8pqwOcKJ9Mdnc/RBL9oQpqkaYFWqJGmDrSE8kEycx7euZFBS8=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Sat, 29 Oct 2022 10:20:35 GMT
server: AmazonS3
x-timer: S1671434001.313199,VS0,VE1
etag: "e8b99a65b540215b469998e22bcbf661"
content-type: video/mp4;codecs=avc1
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E040 70 B
265 B 152ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&cmcv=&pix=undefined&cb=1671434001222&uv=3245&tms=1671434001222&abt=id5mc_vA!Noappq22_vD!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b6c03918-7fce-4804-9a26-0d63e1ca8a47&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame E040 43 B
183 B 402ms
109ms Image
image/gif 2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&cmcv=&pix=undefined&cb=1671434001222&uv=3245&tms=1671434001222&abt=id5mc_vA!Noappq22_vD!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b6c03918-7fce-4804-9a26-0d63e1ca8a47&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 19 Dec 2022 07:13:21 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E040
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&

0
98 B

77ms
27ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&cmcv=&pix=undefined&cb=1671434001222&uv=3245&tms=1671434001222&abt=id5mc_vA!Noappq22_vD!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b6c03918-7fce-4804-9a26-0d63e1ca8a47&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30727

Redirect headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 93
Connection: keep-alive
Content-Length: 0

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 27ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=4411&lti=deflated&ri=37ddadab556b8a29ae955e20529e7271&sd=v2_a3ecd9b11da3c272cd2e90e672bac09e_cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490_1671434000_1671434000_CIi3jgYQ8-NDGLuu68nSMCABKAEwODib4wlAiIoQSPeu2QNQouwQWABgAGjvhs2V9cu1kixwAA&ui=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&pi=/&wi=-1709852854480885386&pt=home&vi=1671434000187&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1671434001330%7D&tim=07%3A13%3A21.330&id=1010&llvl=2&cv=20221215-12-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 8e88c360e19025af395075d2a5d7c4d8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
58 KB 19ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02c58439c05f42c5f4f4ee2446a0aea1c3562e60cda1d3bf0992ee34611a0cde

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
age: 2155544
edge-cache-tag: 403637548099015456651807903920752676278,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403637548099015456651807903920752676278,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 126
req-referer: https://extra.globo.com/noticias/page-not-found/desmascarado-rei-do-figado-faturava-525-milhoes-anualmente-com-dieta-fake-do-homem-das-cavernas-25622255.html
content-length: 58848
x-request-id: a5c45509d5e7c1a120ec7b061440a3ed
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200152-IAD, cache-iad-kjyo7100115-IAD, cache-sna10734-LGB, cache-iad-kjyo7100116-IAD, cache-hhn-etou8220046-HHN
last-modified: Wed, 23 Nov 2022 15:28:07 GMT
server: nginx
x-timer: S1671434001.346830,VS0,VE1
etag: "1dc6d3d8f36b360c5184b87f7d6ea306"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 0, 7, 1

GET
H2 200 7368e732e12f390521d5449ec7054c97.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 18ms
18ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7368e732e12f390521d5449ec7054c97.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 319183a3ae89fb791539320989754203459c94bf3babde961f06d983d140109a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7368e732e12f390521d5449ec7054c97.jpg
age: 2069800
edge-cache-tag: 461990998950197826270147060305627544724,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461990998950197826270147060305627544724,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 148
expiration: expiry-date="Mon, 26 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.achgut.com/
content-length: 20738
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000103-IAD, cache-iad-kcgs7200128-IAD, cache-lga21931-LGA, cache-iad-kcgs7200061-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 25 Nov 2022 08:00:24 GMT
server: nginx
x-timer: S1671434001.347401,VS0,VE0
etag: "051f8b911cc9a7240f0cd10bbabfa1cd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 191, 13

GET
H2 200 6134d3d66eff960a61096d5bcad9da9e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 20ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6134d3d66eff960a61096d5bcad9da9e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77a3118e57ab6b4382b1e4c55e35a2e2773dea5cacafe1f7e293c50491941444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6134d3d66eff960a61096d5bcad9da9e.jpg
age: 3381418
edge-cache-tag: 398798231978503284656555172536418644775,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 398798231978503284656555172536418644775,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 181
expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://search.wapka.website/
content-length: 14952
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200046-IAD, cache-iad-kjyo7100111-IAD, cache-lax10658-LGB, cache-iad-kiad7000053-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 07 Nov 2022 04:26:03 GMT
server: nginx
x-timer: S1671434001.347503,VS0,VE1
etag: "efde669bc534d869b76b478031b2fac9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 22, 1

GET
H2 200 49deb9fcd433daa2856e6b7da8d63090.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 20ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49deb9fcd433daa2856e6b7da8d63090.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 66997dfd6ae8dd4896d276d5e1c52aaa4e5f5b32da8fc8c2b7bdc87825932dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49deb9fcd433daa2856e6b7da8d63090.jpg
age: 3345428
edge-cache-tag: 584842374940440232437278109026310292055,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 584842374940440232437278109026310292055,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 224
req-referer: https://ads.taboola.com/
content-length: 24684
x-request-id: 318be64c4311a17c8a8d665cb52f0cdc
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kjyo7100176-IAD, cache-lga21946-LGA, cache-iad-kcgs7200041-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 10 Nov 2022 13:55:23 GMT
server: nginx
x-timer: S1671434001.347809,VS0,VE1
etag: "89d153f0a9d9fcbea0f26315cb330323"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 95, 1

GET
H2 200 92f54d24402cf094e4952ea0b14ac835.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_517,y_320/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 22ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_517,y_320/http%3A//cdn.taboola.com/libtrc/static/thumbnails/92f54d24402cf094e4952ea0b14ac835.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: add01009c904d80d9f68ac292af83fb6bb916d1b959361c7d79d3ed49e0c1a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_517,y_320/http%3A//cdn.taboola.com/libtrc/static/thumbnails/92f54d24402cf094e4952ea0b14ac835.jpg
age: 4505867
edge-cache-tag: 542851673267125409018239520697615309635,475447537435695033356127036507246006134,29ecf9b93bbf306179626feeda1fab70
cache-tag: 542851673267125409018239520697615309635,475447537435695033356127036507246006134,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 38
expiration: expiry-date="Sun, 30 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://hsv24.mopo.de/
content-length: 10520
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000170-IAD, cache-iad-kjyo7100070-IAD, cache-sna10722-LGB, cache-iad-kiad7000062-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 29 Sep 2022 01:42:47 GMT
server: nginx
x-timer: S1671434001.349246,VS0,VE1
etag: "c16588e5c83395f1835f63cd19dba457"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 1

GET
H2 200 a2d51834f2e318b2db9db1f4bcba6e38.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 21ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a2d51834f2e318b2db9db1f4bcba6e38.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff2b75689833cf1ff562eb7d7b84884f83e00f49a7e04d25f7fd5b051459c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a2d51834f2e318b2db9db1f4bcba6e38.jpg
age: 5095479
edge-cache-tag: 392126455598641379656948877125600254442,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 392126455598641379656948877125600254442,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 98
expiration: expiry-date="Thu, 10 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cnbc.com/
content-length: 16238
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100173-IAD, cache-iad-kiad7000134-IAD, cache-lga21935-LGA, cache-iad-kiad7000142-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 10 Oct 2022 17:13:26 GMT
server: nginx
x-timer: S1671434001.349241,VS0,VE0
etag: "12b340478caa68d84b9ec35bfe4cadbb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 0, 75, 2

GET
H2 200 05912c63e7822dbd0ad6a8af4badabbf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 24ms
18ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/05912c63e7822dbd0ad6a8af4badabbf.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: def65c5fd83e290458becd986458953ebfe27d7f3ec043dde43100266a54432f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/05912c63e7822dbd0ad6a8af4badabbf.jpg
age: 3345315
edge-cache-tag: 560729099820618216244944137837102114075,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 560729099820618216244944137837102114075,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 135
req-referer: https://www.iefimerida.gr/
content-length: 22724
x-request-id: b839f4a30b69cf6a0d67bdab78aa1d75
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100021-IAD, cache-iad-kcgs7200127-IAD, cache-bur-kbur8200079-BUR, cache-iad-kcgs7200138-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 10 Nov 2022 13:58:01 GMT
server: nginx
x-timer: S1671434001.371808,VS0,VE1
etag: "83493e06a63717f5aab996cfc24e637a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 20, 1

GET
H2 200 5bb3dfafa84d1175dd4e2836216c0628.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 24ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/5bb3dfafa84d1175dd4e2836216c0628.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3331b9f341e2f184f81f001e322854bbb963d246a70a26e6cf7a865c001ae77

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/5bb3dfafa84d1175dd4e2836216c0628.jpg
age: 3369216
edge-cache-tag: 501987080813444016403345468549044078655,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501987080813444016403345468549044078655,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 97
expiration: expiry-date="Fri, 11 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.foxsports.com/
content-length: 8596
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kcgs7200044-IAD, cache-lga21961-LGA, cache-iad-kcgs7200162-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 11 Oct 2022 14:32:00 GMT
server: nginx
x-timer: S1671434001.372104,VS0,VE1
etag: "2a8b36163b1628ae748017d1337082df"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 101, 1

GET
H2 200 imago1013885452h.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1663059135806/content/gallery/freenet/sport/topnews/2... 9 KB
10 KB 30ms
27ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1663059135806/content/gallery/freenet/sport/topnews/2022/09/13/pictures/imago1013885452h.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c596fa787f2eabb2061dc735587d858f919eb5aaec931e7894bf2791f51fd6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1663059135806/content/gallery/freenet/sport/topnews/2022/09/13/pictures/imago1013885452h.jpg
age: 4044157
edge-cache-tag: 328289271300339372794522705426082920718,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 328289271300339372794522705426082920718,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 3624
req-referer: https://www.sport1.de/news/fussball/champions-league/2022/11/hollisches-achtelfinale-fur-psg-pressestimmen-zur-champions-league-auslosung
content-length: 9138
x-request-id: 0ec92c2469426bfbbea39845f15f4934
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100033-IAD, cache-iad-kiad7000096-IAD, cache-lax10668-LGB, cache-iad-kcgs7200049-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 14 Oct 2022 18:32:40 GMT
server: nginx
x-timer: S1671434001.372284,VS0,VE6
etag: "5e88c828061b3fecd87626b63fe4e396"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 0, 364, 1

GET
H2 200 d10e64bad8632e270adcb6b5425aa875.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 80 KB
81 KB 25ms
22ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d10e64bad8632e270adcb6b5425aa875.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d1299b71a8d3846c6c63a354fdfa16c0389c2b94eea2a2d46d71329a124c7ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d10e64bad8632e270adcb6b5425aa875.jpg
age: 3439447
edge-cache-tag: 520483458195062292694694425091837898093,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 520483458195062292694694425091837898093,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 71
req-referer: https://www.sozcu.com.tr/
content-length: 81628
x-request-id: a4e043935b05546614b8ef0408aebee6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000044-IAD, cache-iad-kjyo7100034-IAD, cache-bur-kbur8200040-BUR, cache-iad-kcgs7200162-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 04 Nov 2022 16:12:41 GMT
server: nginx
x-timer: S1671434001.372438,VS0,VE2
etag: "80c9b450f72b8a2144b2d19fc2ec54f6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 9, 1

GET
H2 200 2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 59 KB
59 KB 21ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98c5e7cae59700bfc0add315c16633ba5fdfb36db65ba1b5e749e5d215bd3d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age: 2299394
edge-cache-tag: 539264722275397693898618951167535693130,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539264722275397693898618951167535693130,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 835
req-referer: https://whoswho.de/
content-length: 60124
x-request-id: 891b79417a8b6571c6f8f53353a1f0de
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200095-IAD, cache-iad-kjyo7100126-IAD, cache-bur-kbur8200158-BUR, cache-iad-kjyo7100179-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 22 Nov 2022 10:50:30 GMT
server: nginx
x-timer: S1671434001.373647,VS0,VE0
etag: "f6da026fffcb3373818c54195f2e2e1e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 57, 5

GET
H2 200 710e2647d6b1dd0827badeb56325233f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
47 KB 20ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad1cc9edb5ac452a2d1cb8c559c0c1c18e4d695211177add920a0b3c157ee04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
age: 1022278
edge-cache-tag: 595629037177767479183546216043569688665,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595629037177767479183546216043569688665,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 565
req-referer: https://weightlossgroove.com/
content-length: 47032
x-request-id: 30345513c63e63c2913f59590c771506
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200084-IAD, cache-iad-kiad7000115-IAD, cache-sna10738-LGB, cache-iad-kjyo7100125-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 06 Dec 2022 15:22:48 GMT
server: nginx
x-timer: S1671434001.373642,VS0,VE0
etag: "d9df8eec2b0034c2318e9e9566ce9cb8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 24, 2

GET
H2 200 gettyimages-militar.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1618223398549/content/gallery/freenet/unterhaltung/wi... 28 KB
29 KB 24ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1618223398549/content/gallery/freenet/unterhaltung/witze/2019/05/16/pictures/gettyimages-militar.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a41904ddfd80ace34af964d3bdbd5f8faf983595d84738cec1f52d38e472240

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1618223398549/content/gallery/freenet/unterhaltung/witze/2019/05/16/pictures/gettyimages-militar.jpeg
age: 6048479
edge-cache-tag: 341171387584735329037041622182722124372,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 341171387584735329037041622182722124372,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 894
req-referer: https://www.tag24.de/
content-length: 29146
x-request-id: 32bc03bcdf9ea29ea154fdaa2bc4d60b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200130-IAD, cache-iad-kjyo7100064-IAD, cache-lga21942-LGA, cache-iad-kiad7000043-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 12 Sep 2022 18:30:01 GMT
server: nginx
x-timer: S1671434001.395677,VS0,VE1
etag: "e99b0ed1beba34a77e93ad0e39113bf1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 14, 1

GET
H2 200 tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 18 KB
19 KB 23ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec6eca152d15768c9e87aad98c72ef58a3eb4d49600211eb3dbf896b6f04636d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
age: 3653118
edge-cache-tag: 525843122041802622962096872320455259449,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 525843122041802622962096872320455259449,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 173
req-referer: https://rp-online.de/
content-length: 18764
x-request-id: 8b8ef7fca50e6e49cce3c9b12f214bb5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100155-IAD, cache-iad-kcgs7200162-IAD, cache-bur-kbur8200054-BUR, cache-iad-kcgs7200099-IAD, cache-hhn-etou8220046-HHN
last-modified: Sun, 06 Nov 2022 23:00:07 GMT
server: nginx
x-timer: S1671434001.395663,VS0,VE1
etag: "526b2230c06226250d5b4e1eaa3a7fb8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 61, 1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7B85 70 B
264 B 110ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7B85 43 B
182 B 360ms
109ms Image
image/gif 2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 19 Dec 2022 07:13:21 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7B85
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&

0
98 B

79ms
28ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MPgCFgN2rNE-9cBJ8gR2rNE-9cBJ8gUAAAAGBvQHJGLbGDbLxXCtm3lcbtFwMForF5bZWjCybVaOjcO4MO2GQCK2jWGzXAzXupnH5RYNB6O1cmGZrQUj22bl2DiMC9NuCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwN4jAZdE-zyXX3uez-AAAAAAABAAAAIAEYMPwuAaDomjz5_________48ZoM-8kfn___-_MegBePABeBACAAD4GJIKgxoG1ajaISpILmIEAAAAkC2nzXE0qRMqi6r___9-K4ArAICAwhQd7JIs3UGJtzAAAACAsQV6WPx-s8Ou8btd9v________9v9n_2jybEpBeeFgRRP6z2CwgAsPYLCADANm4AAG8CcEFnUJPhbjlZXQINNpvJYrYazg4AAADg7v___18PJDwrj8k5cSxGDs_GsptsTJaVc7Cy7SYTh8ewXHmvRvkwEX6d5rgvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiLMmGwex8gwcmuWq5lbtBt53MqJc7fWmDYmi2G0GqyGi7Xo9TE9nMvlaDnYomCAx14kT4t0otmNJhPTcjDY2BabzWIysxhHw5VztJmYNsbFcmQRSzQni3Qiu-wbnpXH5Jw4FiOHZ2PZTTYmy8o5WNl2k4nDY1iu_B2TzeMYGUZuzXI1c4t2I49bOXHu1hrTxmQxjFaD1XCxFr0-podzuRwtB_vGbLcYbUaDwWDfmO0Wo81oMBjsO0ymZ-pzNoprOYlHZr1uw7mnzWFQuAwW709iWky7s4Pp5Ds6hZbrsqgz-q7fo9eg8Bw8qu3oucyaG9dj6zT-HgyKWCK4SCeqs-ny8LwuN7fqbLo8PK_LzSKWKE0X6URf9LtdhofP5a-IJYLTRToR-t0ui_qPDrLYzRWL0VyyGM4lw1UCAAAAAAAAAFjCnHkTAAAAgNNANovFZrXOg9hsRrPdarkAEPHzugAAAAAAAAAAu-hFYeNWeql2xY0fT9TZdHl4XpebW3U2XR6e1-VmZQCIeHbmzZ8JYq1WyxoAAEAAGwAAIIBbN28BZFH8____fxwAAICMHD0AAAD9PlAVOAAAAAAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30727

Redirect headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=9ec3026d-7f6c-11ed-90a3-1d03a5b20306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 92
Connection: keep-alive
Content-Length: 0

GET
H2 206 ljmr5gtvgt5h4eo1emio.mp4
cdn.taboola.com/libtrc/static/video/v1669279402/ 375 KB
375 KB 19ms
18ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1669279402/ljmr5gtvgt5h4eo1emio.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00524cc9e6083a7551badbb73aa5a03994633822c964f3a0a4ccab6dee722140

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Xr1wO6s_Q3SwlhGDi175ntKzb4NC7WcH
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish
x-amz-request-id: 4NP8SS6C60WVRB6G
age: 51
x-cache: HIT
Content-Range: bytes 0-383737/383738
x-amz-replication-status: COMPLETED
Content-Length: 383738
x-amz-id-2: 7i4f3rnRVurGC1k+cyqi+7IFa15bymKn62gx+7gzaBA3s6QjgN+WYK7hsebE6hg7ngE5FwjsscM=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Thu, 24 Nov 2022 08:43:29 GMT
server: AmazonS3
x-timer: S1671434001.405691,VS0,VE1
etag: "e6379ed2da1dc51a51328faa4fb6ed86"
content-type: video/mp4;codecs=avc1
abp: 3
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02c58439c05f42c5f4f4ee2446a0aea1c3562e60cda1d3bf0992ee34611a0cde

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
age: 2155544
edge-cache-tag: 403637548099015456651807903920752676278,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403637548099015456651807903920752676278,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 126
req-referer: https://extra.globo.com/noticias/page-not-found/desmascarado-rei-do-figado-faturava-525-milhoes-anualmente-com-dieta-fake-do-homem-das-cavernas-25622255.html
content-length: 58848
x-request-id: a5c45509d5e7c1a120ec7b061440a3ed
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200152-IAD, cache-iad-kjyo7100115-IAD, cache-sna10734-LGB, cache-iad-kjyo7100116-IAD, cache-hhn-etou8220046-HHN
last-modified: Wed, 23 Nov 2022 15:28:07 GMT
server: nginx
x-timer: S1671434001.452535,VS0,VE0
etag: "1dc6d3d8f36b360c5184b87f7d6ea306"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 0, 7, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7368e732e12f390521d5449ec7054c97.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 319183a3ae89fb791539320989754203459c94bf3babde961f06d983d140109a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7368e732e12f390521d5449ec7054c97.jpg
age: 2069800
edge-cache-tag: 461990998950197826270147060305627544724,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461990998950197826270147060305627544724,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 148
expiration: expiry-date="Mon, 26 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.achgut.com/
content-length: 20738
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000103-IAD, cache-iad-kcgs7200128-IAD, cache-lga21931-LGA, cache-iad-kcgs7200061-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 25 Nov 2022 08:00:24 GMT
server: nginx
x-timer: S1671434001.452559,VS0,VE0
etag: "051f8b911cc9a7240f0cd10bbabfa1cd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 191, 14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6134d3d66eff960a61096d5bcad9da9e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77a3118e57ab6b4382b1e4c55e35a2e2773dea5cacafe1f7e293c50491941444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6134d3d66eff960a61096d5bcad9da9e.jpg
age: 3381418
edge-cache-tag: 398798231978503284656555172536418644775,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 398798231978503284656555172536418644775,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 181
expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://search.wapka.website/
content-length: 14952
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200046-IAD, cache-iad-kjyo7100111-IAD, cache-lax10658-LGB, cache-iad-kiad7000053-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 07 Nov 2022 04:26:03 GMT
server: nginx
x-timer: S1671434001.452660,VS0,VE0
etag: "efde669bc534d869b76b478031b2fac9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 22, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49deb9fcd433daa2856e6b7da8d63090.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 66997dfd6ae8dd4896d276d5e1c52aaa4e5f5b32da8fc8c2b7bdc87825932dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49deb9fcd433daa2856e6b7da8d63090.jpg
age: 3345428
edge-cache-tag: 584842374940440232437278109026310292055,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 584842374940440232437278109026310292055,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 224
req-referer: https://ads.taboola.com/
content-length: 24684
x-request-id: 318be64c4311a17c8a8d665cb52f0cdc
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kjyo7100176-IAD, cache-lga21946-LGA, cache-iad-kcgs7200041-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 10 Nov 2022 13:55:23 GMT
server: nginx
x-timer: S1671434001.452659,VS0,VE0
etag: "89d153f0a9d9fcbea0f26315cb330323"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 95, 2

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 12B2 30 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnwtMmnWJzvTZpIqA-4a9yhnQ8wo5Qh7u1wIqzJKj0BDEBvEyxOD9qPfw9dBhcDdu1O1jxrfSQJvL9fKCuvVMzjlQWSn7m3Rhyzh7wZuViAZTRr0L9pOhQKpcVO0Q0tiH6nupP8yKDVCftpkriBG2dT8TffhbzUaZ6XJLhjEiGeyDwmlw&cry=1&dbm_d=AKAmf-CsHgvjrr81Vxoxn155Hf-m9R-Fwv-kFULJ2wuWZhp6qzdeKDK0JZeivwPuQvRvqFjbq4ho3qGH5Dbn1uxUbYoYRupZ_GuQQQfoFsYp0mFT0DA5fBX5cyyxl2S3nahGqpLQ2HwTGUwL5ogp7LMtZs8LbS6x9MiYvbLGNKPABCS36y2Z9qmJJC6sZRhhfmcZX4NrLshICoBinWm3t6QfL88wLxh-OxsMfK4yeEI88kh_Ee_8ysu080xnfEqDUrVsY7cXGrTfdQt1jxIed3ebwoDYP-LP7RmE_IjRdEKHn-w8NOu4z79yyFxBzk1LHada3tT-NvijvQBJ-lDhfLihLN60L7bEqayCT7xgtbqSHF2QjRyAC_LrhlSk-qYIvqRptQrh9G2R4GZ-u22_tZkpsG7MbviLvmtxcPqtChtB8gDDLkhsjkV8HMSXqbtERE-vD3Lv-poYiw11QW66BIW8AD5EBxkodAUx7k5tQuyObQscDOoaWoEpakV0Gdx3diTryrx05TuSLRu48OsfIFoIBPkyJZLFXkojjAfRZCWkz0vSkL8lBeSmVjtSiE8T8BPngTEsLGIrTv8NLPOfMGiLNDda5v3oZPgX3YfbOOWMNHh9ZgGYXWmVopZxSX8uyC8hihQZdXQDwuCZ8iC-4p7HDv5YFh_qQnVuVL3OjjOSBAnat-t61QS1nkomK-0wKZ5yiIFsPDBVZ0i_x-pR5R3KN-TrkLiqIUxeMr1KC8NMUAklF4789b8QjzCVcpA-OPujPMhSSofjaHA3LVkWtRjZZNP98DHTfONSmL9YzEFNrD6dcbl5-JIbDbUw4NqA-mQoG8DHjck8vX58ZREPceASZt2zyvm0uEWkVjdErflW0KtXPWiK-el4b0rp0asfdFGD5WTyw1Y-L7zzu8fuPSHDib9Unfbnc7l2NhZCsjp8SwO04ytrdbofcjfmGdzEo17xeoQ-swi7jPUhmRcKhvmLMg-Dbt-z_OKvrT9HPqiIPLVzEqWY-N6nP2x-h8vJQ62NqvgzVnONrdPmWUeSrBr5Dsr3adPx0RwxcRGCIE3mXHo4kcH7xyTVftxPeXUWYvjQHZ3N0_W1SYOXwCNR5exzURM2VCvcm8mp-wOdZCPfD7sk9ZslaXxmwa0829FJyh0Te_IqyMA28n7HMPb_da0vlP4FInLdoLo3Q-b-8uZpUOBix5c9Ayvg0l4tJNkSgayyP-AXjv0VC6t4-WEj96ca-fWzYVrQbNB0l9uosoc2lvjCttiNGwqceWTyL9bYYwjYUXlDlfMV5gtfMXgWDzrFdMOFx5xy6psTuUqZ8_r27uqRosfaxy23vKD9sx4DgpRpNY7OIgVAlC7cp9T7HkSrW5zw2I3bKx9IT6fQ_ofR_tYmRELIrEb2Y_j9i8VO7pBD_B3QeiV3o8Pw7nPOivOEv-t6kTUgRKEKwxxNCUHIvInAhA1bIW-fF1Zj5w5M17Ram5TF08S2CjYpg5RPLPnHTcjzg5Xvd34O23NyUIE5UT0au4ubWdEqmL2JCJZK-rzzbg5jsYhaJ3xYbN9xwYvR4gn00T7MaVzgz-mFdCh9pFVqaUbrTNq7iZniuAcCWN3Hqlh4w2a_wVL1E0OV6j0YJuwa5oYeL2gOZbYaVHI5pbWSH1eW-LVKK6uk9zSS7gM7wBjrzFWM9-cuDdTyXpMKiPD2ERK_W0ib8rEzragCz7COyc_Qgkno1eLTIVQ98FFSVypNwtY6nN5x7j6lVWpSbtcWPs8nE1BMheM1L475JEJ5UY-hXPD9nkFp1PYR84nqDsxbo7eIYC-rD9tAmLrIwnvgNmUR_morLjtHZxhq3t6Vj9_OoIv77N--RKm3LKew-QlcM8Q5VxTU8wu1NCohHS3HutG-BR36fHWb0UDLUr4FRMXQ7Ov01-OvDMWtXzxdF7OGK3jFxvt3Z7YnpJihDYmRVfdIl9sH2kEooNuXZgEeHlvdXZcla24S6gVliGPeRaWKwIicKah46DnOA0YmY7gxeUOWcrK56X5Tgj15wCiFcxIX0ulGmb8AwuNnrU9JgBC_2m37qZCIpCtHyo4TPs4AgvmnqhGPMZUhG-QXhAiqGPq8ukTL3kx-BtOa0G59Bn-t1MfhbxPYnRlC8JVUguXvC4ujPFsgm5QyZUtTuKtMM5lnXbRnprGodukYdapfI1LVvSUWLbYf3zrgTzr8KJYEHYChDoyqvY99Ky7T0sRUmLfU-wip-MEDB6H377N2kGe5mMksg6_tEY-Ku6oQVSJEFnKQNOcYBSSEQSOhDA_NGtNV_GD-lCjwzGmhEAMlVwf60_Xk8c0X9SR2vRcvYVABc2AYuWiEpoQDPg86nMcKSXuHL8CxU9s-MpBZ9FquZPHoghqr23isf_t5xMgnBybw-J-_SJogD2JjadSJdV70f_0M515n6qOIPEQeLx_bJgxKxrr-5WroBedYSNmtF9RNnDZEvOKf1VHjkWiSQ2hkFZYvKZw7SS6MWnVW6wN-gNR2LhR1knESS-8LYWkmSTabo47xy9KBj6YX4NHYS5K5TK2I2vLebNoIG0x7gWl6mDJFo9tHtEYjWxBwKYv4ADxOBpo_ws1IZ3e1SXZzQTQSC6CS6N5HVrzR_HsZ4aTojdGCw8O5Ef5Jo4qbhxF4sg9vheCpkgVAj5E4lXQ35XHjJ_dNMIH9Ccw0JMvHwwnbFlCsIBlGXtEkAS0o9V-bMTf3juyVPqm1ja47TAYtOD-I7k_t3coyVscTKbTB9zLU2yG5EroD2nb6vBEPMTGzRChRHjeFUe1d6tcVeSINvSXZZ0IIkDAImaixmmb8bkr6zmS5Dh8gti2ileDqeN-EP2CdzYVLkgCvHkORdXYOiY6hx7Xg2VfdCaLSObGGLa1sPYzQKJ_8jDqW01Hgf3xVzXeRgxjFuoNjdIa9kPGl0fIg-blTDu3OBBoVNJmjCwtUDFouoGszs1AUNgbBLN_Mn-MT7kkjkwJgkI-1qCZA0INTjz8Kp2jnyOnM6-gEJUzvoOpqY_IvbacjxA44Fbf0R-RZDAg_Ln6D-VsV-RegK6vJWWzemQ2TpfE4Fzcse6eEmyzNI_lXuXHRPmanwp_Uka0WEoJWpMig4R7WI0TraO99K1H_umC8A6myiv2yJO9Gy2Ni0HxQ4NJcUgmpb6P4ttq1mFSfWbmdQyByDKd8P05G415Kk3tOG0TqkmMtsIRiLvP-RxRnT4Qlw97ruTalOUZiudS9HxIWd4rQ-iFNVeC5yVv-p5TYNDY7Rg9Ww9T4SwFuO9sUJfSEMQEBEycX5eJ-kDjqt6uC3FH8jpsvXwTU-G-UtYhPV99tq1Ey2AKRzUA2bLwbBzDMMYB3gz22yR_6f0YDdmWnMDtB9JCDsEiggjzI6_dl-l_kiVkqZgGKjIdRitZlkRHSgntoF8utgEb2DylNaQEgPNq6yZ8WgV5aWbzEMXaSrGiaHFdpY44Y-4qa_Ei1Ccfkp1XYhy15D8lozKLX_fzuaACd_atuETk5x3neuiE&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&rfl=1%2Chttp%253A%252F%252Fultrasurfing.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 13:02:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 12B2 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 03:40:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BDA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

43 B
766 B

42ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYi5uS3AEwAQ&v=APEucNXwBJiDeWQPhloZz9MMlhGEkZI5Ejwyf5_BE-qhZwDl8VGJ7QLYW3YSneSlnedxe9-a2BlQRneRR9MGmOSRevbiQr98_Sw9LhYmzIr5TmDbUC7Pr75TqWIjBexJKboGSuMyvWyEqmNjRFw6FueWt4m5mxwX_czUsCsnp6yHcZzE2NK0YRBG9G2I3rr-BQmuFamfAJZzlMaWnmRVuQOBO6FtGtIvoQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BDA2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6APEZ8I5NEX4Jma3PUcFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYi5uS3AEwAQ&v=APEucNXwBJiDeWQPhloZz9MMlhGEkZI5Ejwyf5_BE-qhZwDl8VGJ7QLYW3YSneSlnedxe9-a2BlQRneRR9MGmOSRevbiQr98_Sw9LhYmzIr5TmDbUC7Pr75TqWIjBexJKboGSuMyvWyEqmNjRFw6FueWt4m5mxwX_czUsCsnp6yHcZzE2NK0YRBG9G2I3rr-BQmuFamfAJZzlMaWnmRVuQOBO6FtGtIvoQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BDA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

43 B
1 KB

80ms
26ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYi5uS3AEwAQ&v=APEucNXwBJiDeWQPhloZz9MMlhGEkZI5Ejwyf5_BE-qhZwDl8VGJ7QLYW3YSneSlnedxe9-a2BlQRneRR9MGmOSRevbiQr98_Sw9LhYmzIr5TmDbUC7Pr75TqWIjBexJKboGSuMyvWyEqmNjRFw6FueWt4m5mxwX_czUsCsnp6yHcZzE2NK0YRBG9G2I3rr-BQmuFamfAJZzlMaWnmRVuQOBO6FtGtIvoQ

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
AN-X-Request-Uuid: 603948c9-1f31-4882-be8b-69897b200872
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D

170 B
188 B

76ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 77b0a2ac-ec8d-42de-b1b9-1a6ac01bdef0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E9A5 106 KB
38 KB 79ms
19ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Origin: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 09:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Dec 2022 09:14:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame E9A5 8 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D70bZR2_NSh5UIABXyNTkiPCYgyl_MK7HPPTWtj4fP7SaFy6hLNtHx-WEw-6FqcozB3M9ykzb6SJvJ7n2aZjRVYn_zQg&cry=1&dbm_d=AKAmf-DOWOuiq3MSNozkAx6tr99lgePSA0T7NPvK-tgegf46gLjbJhDkcVYy3xUHirfErjpV9qR-pWC_XfEnIxzMfsf1ph_L3nqNWcxqWfSRBR03jsiM668IQhPzkNgDuxrHcRlVe1GT-B2oDw9beioKc-snXQM4E-wY1VqT4RYOTVYoh9RwFbyQa7UpPYv19GsylGxI1aMFwaGo4ZPwyPqyfFLZ0CdUS9E6-oPrrWeRtM-ibXqtzVMYmIuzFkafpfJBjGEWhl1AACBbZrNirS4tIBqxJ6B_ar_gxcjGsyh7bYa1k1CXesjpxsy7tVzdZne-D8LZLNpoJvFrIgQoYrOXVxie2XZ40U5dKHxoVlhZprf1bNAdDget3fyy1gcVgcJo9R-kSKUs4LdOwSBf5_o6ompUDU_ODElk0VhS8295LIgu4U3LCjix1VlONx8YdVC2lT78BzUrYgd8rUksgAPtBrHqHb9EksWhoghDuyaSRuNgYYjvkiWpTH5NF_zyLYVs33S2irxZqzPrBBHkn31SUhTM6CmXRnu4oAX2w8PaE-W7xZvRrplkI_gDEjFuooR9Lh4_QBVt0WOb_hjXbMqmgoBScJO_5nYqdLRxPsgWcs92m_Vw4ii8N-j0QJh-Ye-usiZpis-zgiowkInTABR1kP6p191i5sBW9MQPHe486PMQudxJ8xCN07GRSlVV7nIY55FYGnQGIzrbqWuf_DVE6FnW7khGuC5AKf5utweAd3_1U8Ct0HiycM67xUvDam24MYklQ5DyikEZfOIPq0erDbQ4X4KLv-KGqFTBunvUSyAJad0AoBIzDiPtfyvsy9J33bMYmkKlE2aixlooNUd-_hpoVxhfVA745AtiVINfkXP3JTwKJzL0vVcZ2bZ4VqR6pOr_VVASDPmqWd7scvgVrJ3JG0Z_BPSOGqu82zItiF7HZiAFW_lAeFIwVe5VbuIt0yAvNNz60ImFFx4lp40k40D44fdatMrHDzQO1v6ap3F9BAXQOV9HYVXE2qK9LUwilWTU3VljkDoUNtLfT6rMZk8LqBwTVoREdyaiyX_ArAoNtvjH4XnNJHBHtU68X3_ztKN2eW0fVmnp5t9DY1_Lb4d5Kgv2oL2uq_pWyVYURfJ38En6CtGI4ksP0L-CmkW2tp2NuT9-57y8ZSXtf_HTWHByWZHc0n6cmbeEJFe6fiW-ku0aKm2zMTgjntIHdYHYJ3CtcTrSVhOgBwKU1c6Aaw6jPvyunYhL3mG1teKMIExUT6OQW09AjDTWaWDiLxCaWX_4yF-AzYQ7WuSH4w0ovIwU-C7LwHqmJefOMamXqZP1zqlDbh618zeRz0wjBitSzV62rKmGUzDUMcJItUtiyP0WPyj-jw-VUDjEkjjUl2ikiWC9--P2ZZ9P9ZF8P4-0tnTyy2LFCOBUGUV44Wh7Yy1PJdfM3r4JzT5kT-OHgwICqLi7sKqaanLYOvvom71cz95blHanKd4aYGrphEjOZjoI0Fyoa5VE374QgP3SzI-6pqh2nKa6jptz1Ly2AsdVONClkEtIzlvgjQjCO4y-DPiqi3YexoTcebRQc3Y8oLOf9tFW8ICiuDYipLi-r2JSFCn0IlW-kbi70ckXMvV7GfAQEAoK37-1YnPOd_FYQyicMkId5Q6Rf7lI371BFqpOuitYcXiQzO_9RBxdWi4DTbmojWERraPmLocKJedwG-YvR1EhXeW5dTsLSrNrsEQCye7QuW475uPiBsQIZgBcHr4Au7uD3o5eh9Sul2jW-q1Wmn65kldU-Pm1NybBg1chrbvZrc2PqSaT3NvfTKJ3E4qt5KJ4Bsy3mCxF9L7J6KMb3C7DZokRTNc2IIkI8Vc5TXRsxeVcTLRQo2sSt9lCKE3b9M-UT2aUfSqMia7bVuepfiOA0MH6SklWmA7zN5r2mMLYY14XVOzoK9AaBz6AKjwS-EM84w-yqgnjTJz7izQ_JXz6OMiBnSvoKegRDrxyoWVCakDrxZElfpPmfNwNu320n6uct9yw4QTowbOTM7Pxb3r2wznUBZCjUxw-tX43fkad2AKwQfhe0hA9Y0-h1XuwsZW7VbbKN5xRgfcW6queD7XisKopogm_Rn8LSPqGXAEyO2ENxKuNtxeaLWmc2EqB4Xx3PGJfPdnuztXZ211S5vNEaG1tfbPvMyVxHxBZoxt85a8Is3KUmwzWdsyPnzAHsdxP-LXmh3nxJ2QVvc5I17D830q7JG7bE9pKIX2SCMaDAAesIo0m6ZNOE9VENfVW2-zI3EpzZ52jI9HLQoTfGVSIX_yUkQINOGo5Jr_YHliUEPdFwN3X7EM4_Cyf04eg1Pk8BEfkEXco-AR8JMMe07a-Si5VBXhc8RNhABHPHEMBbcj4Cipha7srWjGfNVxtJjqBFpYhSibd2ZYcPue5npTrk37u1jmG_e0WYHhpGRft5SSxayJlMKQ3tNGoWxjM8oDipPEifnsqMmZJVt7KkanP4dQZChVCTSJUytM8Q_FJlst2QW-MJ-nvcjfkjfCvlW_j7yNX2MMuwsvWAVehHy2pXxSTRqJCANa6iTnBNWMdc0qGIcN1EpSC9c8J_TPoZnb_B8x5SsIn_gsFxPnA7XAttRUEvXFRDZ2Qk1Uhy9ivp7QFHt-8XXeUdI0GAPf7OL7N4cQmSpLiad_ZclRd5BP6fnGjunrLnLaa4NEstM_jOYupA4eoQMRS3AHzujdEAv0G4B_wggB6sCXCDreT3dIiAq9Z_brnUNUtd2iHkRxSGeNk9sa0zD0Rtjc_l3MqG6uYd4SMjoIOYOgSW_bN2HHr_j34F99WWJRJKqmMmLZZ8imvu3PcC-C2VTDiqgPKFPwAY9YrQaDAc442cOWFvGWzNogwAgYZycRfEMbADByF6lbEz6XWumPpWCpeS8PuWi40szSTHtDRmxSfNJsByHbKhxr4Rubj_ni7BIqwm7x_TtFWbGeRcOtf92UncH2lBsplDW62xPw4KZ06ezNsvVDhdNV2_yPaseqNwqKeyMdzWjanQj-sLr1HxK2DKgW76JkMZW--Ncc-yPRfOddgwXK7qkeCBAxkdPOM5ci4wuFiUqE-5OJSEw1r1LalJis32YjQ4-oDhpEASAZx6892aLfNmNVTrRU79-YSCdcZ3u_Ncf90CElqIPiYIsMmg3fx3NrzvC3rZujaL61t3HWs5vMIlwhhEBkEo18MbEEEp4Pg9k_c7t2FspwLOspckEHnj5llEAOMKAiv5ldHvIDkzphuG2ppvJI54b4_IGcWNCuBNpREHUzZQsn4rpc6RoL5renlWXWnwcTVFnKH4DywC4t2Ox_ZUz_VpEqSgB4Qe_j9Ld4bGb9HeuhQ3JogWSPC8lQ3F2B3Wu4Qn9f7Fv1ppiq1bN0&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&rfl=1%2Chttp%253A%252F%252Fultrasurfing.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 13:02:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E9A5 30 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 13:02:25 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ACCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

43 B
766 B

39ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYvcSW3AEwAQ&v=APEucNXTBm-rzR6qNNbvw6rpfd7DniRIfLDWyel4s3-g7w_nZBIENiuGdMrZNNqLxqVK-n6M3b3kh18loyoQH0p0EjdhFekqZuKlS6lGWm5o3Ky9_Ej5MedNHVPFu-rZC9ZV9U8NzlBsx9PO1LHWWV69nHoSt5aCpH_miTuPYIrgRTtIg6wdEw_6dV3cxLE-mT-bUFkzDaME2-uyugQ6azLVYpLZPPADQA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ACCB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6APEZ8I5NEX4Jma3PUcFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYvcSW3AEwAQ&v=APEucNXTBm-rzR6qNNbvw6rpfd7DniRIfLDWyel4s3-g7w_nZBIENiuGdMrZNNqLxqVK-n6M3b3kh18loyoQH0p0EjdhFekqZuKlS6lGWm5o3Ky9_Ej5MedNHVPFu-rZC9ZV9U8NzlBsx9PO1LHWWV69nHoSt5aCpH_miTuPYIrgRTtIg6wdEw_6dV3cxLE-mT-bUFkzDaME2-uyugQ6azLVYpLZPPADQA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ACCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

43 B
1 KB

74ms
26ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYvcSW3AEwAQ&v=APEucNXTBm-rzR6qNNbvw6rpfd7DniRIfLDWyel4s3-g7w_nZBIENiuGdMrZNNqLxqVK-n6M3b3kh18loyoQH0p0EjdhFekqZuKlS6lGWm5o3Ky9_Ej5MedNHVPFu-rZC9ZV9U8NzlBsx9PO1LHWWV69nHoSt5aCpH_miTuPYIrgRTtIg6wdEw_6dV3cxLE-mT-bUFkzDaME2-uyugQ6azLVYpLZPPADQA

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
AN-X-Request-Uuid: d6f43b5d-09f7-4bb2-9020-e017c57ef4ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ACCB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: abe07bb4-ad5d-49e7-a424-b2656b9f48ff
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxMTgzNjE4MDk2NzEwMDYwNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C19C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

43 B
766 B

43ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY-uWz3AEwAQ&v=APEucNVybArU7fe1G7t9PFNZNXIlnQcRXd0Wmn_BreX4T1Zb6zlHLXwNt1RK4BzuikuClCf058grzJDnxTjPkgLRtwVzCrzyUab1SRkLP9OPXZ3FV69YtCQzwbtesB6Btbf3mxaQQjA3taus78U-XyPVSaplVbGS5e-J7BkL33y-vjVAKHVgf7fwbV1vaBgkib9d_4e0CM698U0I3tYWrwxXTt1sl8ytBg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C19C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6APEZ8I5NEX4Jma3PUcFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1

43 B
894 B

25ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY-uWz3AEwAQ&v=APEucNVybArU7fe1G7t9PFNZNXIlnQcRXd0Wmn_BreX4T1Zb6zlHLXwNt1RK4BzuikuClCf058grzJDnxTjPkgLRtwVzCrzyUab1SRkLP9OPXZ3FV69YtCQzwbtesB6Btbf3mxaQQjA3taus78U-XyPVSaplVbGS5e-J7BkL33y-vjVAKHVgf7fwbV1vaBgkib9d_4e0CM698U0I3tYWrwxXTt1sl8ytBg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ4SpR-huNefHL6lvg6eGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C19C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

43 B
1 KB

76ms
28ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY-uWz3AEwAQ&v=APEucNVybArU7fe1G7t9PFNZNXIlnQcRXd0Wmn_BreX4T1Zb6zlHLXwNt1RK4BzuikuClCf058grzJDnxTjPkgLRtwVzCrzyUab1SRkLP9OPXZ3FV69YtCQzwbtesB6Btbf3mxaQQjA3taus78U-XyPVSaplVbGS5e-J7BkL33y-vjVAKHVgf7fwbV1vaBgkib9d_4e0CM698U0I3tYWrwxXTt1sl8ytBg

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:21 GMT
AN-X-Request-Uuid: 6d31d4f8-51cc-4794-b9a4-fa723731366f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK-HFdnYWslhprRx0UY0Yrw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C19C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MjA1Nzk1NDExODAwODY0MQ%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MjA1Nzk1NDExODAwODY0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bf85211d-74cb-4f14-984e-ee8426b65f83
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MjA1Nzk1NDExODAwODY0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_517,y_320/http%3A//cdn.taboola.com/libtrc/static/thumbnails/92f54d24402cf094e4952ea0b14ac835.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: add01009c904d80d9f68ac292af83fb6bb916d1b959361c7d79d3ed49e0c1a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_517,y_320/http%3A//cdn.taboola.com/libtrc/static/thumbnails/92f54d24402cf094e4952ea0b14ac835.jpg
age: 4505867
edge-cache-tag: 542851673267125409018239520697615309635,475447537435695033356127036507246006134,29ecf9b93bbf306179626feeda1fab70
cache-tag: 542851673267125409018239520697615309635,475447537435695033356127036507246006134,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 38
expiration: expiry-date="Sun, 30 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://hsv24.mopo.de/
content-length: 10520
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000170-IAD, cache-iad-kjyo7100070-IAD, cache-sna10722-LGB, cache-iad-kiad7000062-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 29 Sep 2022 01:42:47 GMT
server: nginx
x-timer: S1671434002.514610,VS0,VE0
etag: "c16588e5c83395f1835f63cd19dba457"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a2d51834f2e318b2db9db1f4bcba6e38.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff2b75689833cf1ff562eb7d7b84884f83e00f49a7e04d25f7fd5b051459c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a2d51834f2e318b2db9db1f4bcba6e38.jpg
age: 5095479
edge-cache-tag: 392126455598641379656948877125600254442,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 392126455598641379656948877125600254442,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 98
expiration: expiry-date="Thu, 10 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cnbc.com/
content-length: 16238
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100173-IAD, cache-iad-kiad7000134-IAD, cache-lga21935-LGA, cache-iad-kiad7000142-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 10 Oct 2022 17:13:26 GMT
server: nginx
x-timer: S1671434002.514604,VS0,VE0
etag: "12b340478caa68d84b9ec35bfe4cadbb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 0, 75, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/05912c63e7822dbd0ad6a8af4badabbf.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: def65c5fd83e290458becd986458953ebfe27d7f3ec043dde43100266a54432f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/05912c63e7822dbd0ad6a8af4badabbf.jpg
age: 3345315
edge-cache-tag: 560729099820618216244944137837102114075,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 560729099820618216244944137837102114075,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 135
req-referer: https://www.iefimerida.gr/
content-length: 22724
x-request-id: b839f4a30b69cf6a0d67bdab78aa1d75
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100021-IAD, cache-iad-kcgs7200127-IAD, cache-bur-kbur8200079-BUR, cache-iad-kcgs7200138-IAD, cache-hhn-etou8220046-HHN
last-modified: Thu, 10 Nov 2022 13:58:01 GMT
server: nginx
x-timer: S1671434002.514570,VS0,VE0
etag: "83493e06a63717f5aab996cfc24e637a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 20, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/5bb3dfafa84d1175dd4e2836216c0628.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3331b9f341e2f184f81f001e322854bbb963d246a70a26e6cf7a865c001ae77

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/5bb3dfafa84d1175dd4e2836216c0628.jpg
age: 3369216
edge-cache-tag: 501987080813444016403345468549044078655,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501987080813444016403345468549044078655,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 97
expiration: expiry-date="Fri, 11 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.foxsports.com/
content-length: 8596
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kcgs7200044-IAD, cache-lga21961-LGA, cache-iad-kcgs7200162-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 11 Oct 2022 14:32:00 GMT
server: nginx
x-timer: S1671434002.514618,VS0,VE0
etag: "2a8b36163b1628ae748017d1337082df"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 101, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1663059135806/content/gallery/freenet/sport/topnews/2022/09/13/pictures/imago1013885452h.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c596fa787f2eabb2061dc735587d858f919eb5aaec931e7894bf2791f51fd6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1663059135806/content/gallery/freenet/sport/topnews/2022/09/13/pictures/imago1013885452h.jpg
age: 4044157
edge-cache-tag: 328289271300339372794522705426082920718,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 328289271300339372794522705426082920718,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 3624
req-referer: https://www.sport1.de/news/fussball/champions-league/2022/11/hollisches-achtelfinale-fur-psg-pressestimmen-zur-champions-league-auslosung
content-length: 9138
x-request-id: 0ec92c2469426bfbbea39845f15f4934
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100033-IAD, cache-iad-kiad7000096-IAD, cache-lax10668-LGB, cache-iad-kcgs7200049-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 14 Oct 2022 18:32:40 GMT
server: nginx
x-timer: S1671434002.515148,VS0,VE0
etag: "5e88c828061b3fecd87626b63fe4e396"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 0, 364, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d10e64bad8632e270adcb6b5425aa875.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d1299b71a8d3846c6c63a354fdfa16c0389c2b94eea2a2d46d71329a124c7ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d10e64bad8632e270adcb6b5425aa875.jpg
age: 3439447
edge-cache-tag: 520483458195062292694694425091837898093,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 520483458195062292694694425091837898093,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 71
req-referer: https://www.sozcu.com.tr/
content-length: 81628
x-request-id: a4e043935b05546614b8ef0408aebee6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000044-IAD, cache-iad-kjyo7100034-IAD, cache-bur-kbur8200040-BUR, cache-iad-kcgs7200162-IAD, cache-hhn-etou8220046-HHN
last-modified: Fri, 04 Nov 2022 16:12:41 GMT
server: nginx
x-timer: S1671434002.515136,VS0,VE0
etag: "80c9b450f72b8a2144b2d19fc2ec54f6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 9, 2

GET
H2 200 2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 59 KB
60 KB 30ms
27ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98c5e7cae59700bfc0add315c16633ba5fdfb36db65ba1b5e749e5d215bd3d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age: 2299394
edge-cache-tag: 539264722275397693898618951167535693130,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539264722275397693898618951167535693130,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 835
req-referer: https://whoswho.de/
content-length: 60124
x-request-id: 891b79417a8b6571c6f8f53353a1f0de
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200095-IAD, cache-iad-kjyo7100126-IAD, cache-bur-kbur8200158-BUR, cache-iad-kjyo7100179-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 22 Nov 2022 10:50:30 GMT
server: nginx
x-timer: S1671434002.546736,VS0,VE0
etag: "f6da026fffcb3373818c54195f2e2e1e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 57, 6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad1cc9edb5ac452a2d1cb8c559c0c1c18e4d695211177add920a0b3c157ee04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/710e2647d6b1dd0827badeb56325233f.png
age: 1022278
edge-cache-tag: 595629037177767479183546216043569688665,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595629037177767479183546216043569688665,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 565
req-referer: https://weightlossgroove.com/
content-length: 47032
x-request-id: 30345513c63e63c2913f59590c771506
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200084-IAD, cache-iad-kiad7000115-IAD, cache-sna10738-LGB, cache-iad-kjyo7100125-IAD, cache-hhn-etou8220046-HHN
last-modified: Tue, 06 Dec 2022 15:22:48 GMT
server: nginx
x-timer: S1671434002.547008,VS0,VE0
etag: "d9df8eec2b0034c2318e9e9566ce9cb8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 24, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1618223398549/content/gallery/freenet/unterhaltung/witze/2019/05/16/pictures/gettyimages-militar.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a41904ddfd80ace34af964d3bdbd5f8faf983595d84738cec1f52d38e472240

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1618223398549/content/gallery/freenet/unterhaltung/witze/2019/05/16/pictures/gettyimages-militar.jpeg
age: 6048479
edge-cache-tag: 341171387584735329037041622182722124372,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 341171387584735329037041622182722124372,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 894
req-referer: https://www.tag24.de/
content-length: 29146
x-request-id: 32bc03bcdf9ea29ea154fdaa2bc4d60b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200130-IAD, cache-iad-kjyo7100064-IAD, cache-lga21942-LGA, cache-iad-kiad7000043-IAD, cache-hhn-etou8220046-HHN
last-modified: Mon, 12 Sep 2022 18:30:01 GMT
server: nginx
x-timer: S1671434002.547414,VS0,VE0
etag: "e99b0ed1beba34a77e93ad0e39113bf1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 14, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec6eca152d15768c9e87aad98c72ef58a3eb4d49600211eb3dbf896b6f04636d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
age: 3653118
edge-cache-tag: 525843122041802622962096872320455259449,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 525843122041802622962096872320455259449,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 173
req-referer: https://rp-online.de/
content-length: 18764
x-request-id: 8b8ef7fca50e6e49cce3c9b12f214bb5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100155-IAD, cache-iad-kcgs7200162-IAD, cache-bur-kbur8200054-BUR, cache-iad-kcgs7200099-IAD, cache-hhn-etou8220046-HHN
last-modified: Sun, 06 Nov 2022 23:00:07 GMT
server: nginx
x-timer: S1671434002.547382,VS0,VE0
etag: "526b2230c06226250d5b4e1eaa3a7fb8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 61, 2

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame CD05 30 KB
11 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AROMumnU5DBb7aP8-yj0EzpsLErYQXPIXbLyy_eoKgcPD0MEqllW9s1ZWQsJLxZv5l0GG6ejKmwbWaXJ97-h8zJFOwJS6P0XWM7rytzsCpeNxKfi4Oim7KLTaIE3b6UhD-q39HzuacX__Rh9h7mqUCtvXb0ylmqru-WLjGRRj-TBlcQzg&cry=1&dbm_d=AKAmf-CYyLzPOqw7XOivM1yfNDhsHNIF4zW51ilab0DZzEeAg1-Ro8LxlVyWDTQQD4yU8oylVyOWGgjZ2173FfsQArKiDhdTINXgPROrllnKMX5TQ4_cj-ScnVD1zBbRnoHFK9Ctt4Vr8Vizxe4WydyqdxD0E59wV_vs4i1LvkzUmRzqIPFg-GGSRpuVoEEtr7t4pbaGRKJYF9cEPxL3armtfWygM8Fry55sw955o4fDqZe0u6PnN_CyHmYsHkAMAgpQsRd5IHPQghgjT6PXOcK1Oa0-Sd-sZCX3Od-Q783lMdHKAcYIiIocfJBb4l9Q406f4mIWKGcoijjMwgUFQM5Op9y4Cl4zfNwdYX28NxUo8ONib85pKlvfC4Y6e1b2-aOtwwCt961M-b120bkt2jiU-PNsSs7AEjpz4bHN7LSfzWXaYqmxWVRBZ9b923FrmYHclkGeqcJRMx_5nQJLhffpINBSXBvk_mXliRbj7b-rLJaHxbyopNOI5tEd81ehw-OJ5OYHj1Fhu20TfRIAAcyrLxR5T2BDesjM51mH3AHLYjRARwCjBMeI7viiPhtFbtijvv3NT8suEI6TSwdAR-EGdw0LCrhH9JHEgGSSR8iB-WhjC2mpSJ3L101djpY_Gj2k84m8rD6an-CighczqGECpQ9UHZHLwVacR4R3O0aYB7MiJ9KDc5P5oKJHrH5GenMoVsQQADqs0YYwOjz5fXOTFM6IwaPCWLllfDkat5R7QEOflvqxpEP80bwGtw6nfafDbdSl_rnYz7AZZ8d1B-hl1aH6PUzkDfnkR44oAz6XBwzK7FajT9C2Av9g70GzlWM-uGEyUrtGd0zwTuMBRqH7GSf3heKP_LWOZ3hXdphTH1Vko_uBaXBkh6f0c32hdkCuvmsWJBk4vTTjCc-oSdcwcmAO1cFnzJG5UjYzgmUWLIe5pUEYlDDTtXXKZmbOaI6wnCmutt0tTPRO7dUXrWV6FjNlnPvwiA43S1cwALjrldabELocCJZyRxI9Z447VJX6TX631vqC1zei1F9I0FUwo4i3aeYA9QV3df0iomw8eMa5LLZI01fLKs5NnGI6gDeT8IfB1Gy-ysHbIuwaqT5elXoJa14xLZeCflIJcrvi9C1S_YmHn5NYLKBGLCflABghPb7sewLI-NSXNTOGFC-NSqa3_Shk8-ClD0DOVh1OS3Zxa_vtUC5jh1RYAtyFA8fjCNmi1xkGiKi4lim6Og0xx0LDApqSREMQ8TOT-cGubFwR-bHX25s9bGU9RSZPRp5Imb2zGWO40vz8db5Joh4vSmYBlqyhGPFa36ReJZMYC0E3CvkK0ixDs9MTa97mSkelOH6PAtIzFMBtr3P6rsyDU65EvjkZ9gCS3jij1rWcHWbyjBRUySdF_zlJjrfym1newC3FxfPLKCzWTw12DMuqcXVprKTUmWiIR4pr5lErNywT8xgADV1lMG-DzA2MboTNFT5ptKg0koQbs-8a-rvnjznJJdTsMhhI2zo3frKbdb1OZrIp8m8CRTzxtNmDLd3xRwgkl7E9R-l3ehsD_jW_5ubaI_L3JicRbclzopvvPXVjCm1dBAwG3iKrVIr5ml6BL5PQmyvbI4acm892P4ZrquLen1URvUXwdnb9wJ6blIMNdUbbroH5mZ0P0wN5_Bl4iI7Z38Mgorpqfzr915luFTsEtbd0AIt0wfgT7az6yB8FaK-UkBdS8nNtNqiOEMt6__M1M2T-fEwR7mfn6siUmnK93hZ2j-QWZjdSYfmAiKpwMHoCDEl_ETdYgHSpttDJHgdarZTOQ_-JrVlaws3TT-1gomHHZMEXsH_lj2bqjlZlEGmb7t80BZe8CvKeJ1nug6kGOfOyC8IHiMkUyBXlZBVuCTp5nIRjva6l_wJj6LPyKKTAg3Ae6xYALro1i5n3ZneY9bDxgtKOkHYn_EgR_FJf0OuW3Bi9GwsuNcYzuvEQdpMi6Xc6WxQwCAMXvRoFKBahzwqIAeE0wf6uVmLWW5iMfe8xUfulD4vHnMMwG5WjoXGgDF1qIv632QRtSs6UwZ4bKjdpTT3wPy2UFA-bjqdleoHeeWnYxG04tcMoGhxKraVtQtV0XPgztNiB3FIo1CqEQ66EqyqTiojIbKAyaZ37VIfaBZmiF2hFvRPL7Psd8lgil72Cr2lGQk1C7OhOiK0qHUOE2n5j86v3ZoJ86SqrqdwkdsmzlRU-n2hNCiz9vPZLawEzracTNtu3W9mma7lAxFjBDwVSUMOLz-xzAOrq_k0FCrmchn8jttsRBUlpdl1hx434Ti1YJZFnzcrEzxHu3JU09QuWBVbRSZ_RusNIS8FZ6vCts3SfYZnpVGhKxeisR5QaC-dPkEwaSUfKbCaWQf_cRyvLfa6w28l1i3_rhA35R0a60xMl5pASvnzPjpuTk2zn_x9RnGkfh0C_Wa-LyZHX5XEpxuoAoMPn7-paUC7A14leSfQ1tT5H8wn2hbzDmqdBm-S-BVtkoBx8ki2oMMqxYTD3nOj7elPfVFaTuN78QWfZfCbCpFLdyuBbQrpEEBqM8TgRC9A1Wks6_F8hZBmhMdsjstf6973sd4b4GX7z9H4tAZ_kRQ0IjQuCJram2HfDyAComvfvo_ManaQtVmbNwkpsiZokKUqp1vDm5UOc9l7O4m7waySmh_J9FhmDwVlBSUbDBTZD47XUk-w3IU2_jTG1aKTr45TisvRVPNQBmLK3cV7FDkuoeKyBMUNh-Qb65Nji_VKuiVQPrZp3uklrR6Io3TRl1C-rJE-5W08LCQJ8_YF7ImFaIOCFcQhVESKReLfxWGKOdqtS5HjE81vquVB-tgN0z_kc0vY1HYD7zQRfuuEEUpy-ggBKz6LhpyyFl_3NP28vRhdb9yGFLWv6hbh0krfN593Q7p-Q3iF2RR-CUZGpjrVNzexNDFfsx5zSLBO7KI7VFqYOgT9gaiN4U5vLxO2i4QrEmSJlCacvba9I0V5Z08AVIoSkK9v_RCSj2rNso8kTXZXD_RZ43GqeJrdF08Ukn7iPRKE7T_g7PEC5aIBd0muqF7IFfGYDt51-XM18N63QYriFBpcXrXVChkUGOZINAfqaKtgqxtJH2EuTSKpqBqTsnuwaejlAo4CwllrP4wEs-_ZBgYBvgvgO5X79XAoYz0TWKbR1kc-xlkwDQ43q_xOwSTYKGfwtrcGwGvGCtDV7VIoIpC1pElX7YYC_yX7kOVy4ehbTr15AGLL12G1hf0-5QwRhiCDS4ih2IxBo6zMTIvNSTsUnt3yAhC086nOlmxrKecluy1vAK__3rBAoSsBU4o2IVGv5scmqjIACppb_E50yufy6ZillnCyBcsR_4T3nqe9wiRN8KMTwjcFG_KOrMzFMOHObGXgKAoPt25zm2ujqjKcectiL4XVJ-JjHmHh9cKV4gwg1A_cnJPAaz0esRuYIUCiYsHJZ6Xy1DvX1QdZMpcEt6DmFm1Pn3Y0DlOk9e6QIPFkGZFO3zkXQC_cLl0tYgg7Dwhw&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&rfl=1%2Chttp%253A%252F%252Fultrasurfing.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 13:02:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CD05 41 KB
15 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 03:40:29 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 12B2 34 KB
16 KB 243ms
82ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60228056;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=461671819&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjOyDEA-gY4y2J8KJgAfD36S4DI7zsMZr67TO1PYQp-uivcABEAEghveGJmCVgoCAoAegAZH-0aIDyAEJqQLOG7AQ3cKxPqgDAaoEmAJP0IOwDAHXFZD9-nHvruY6h0v7br3f1Vxy9PGSMCJyaghqU4o0xMJzdXP9rlSf9jG7i4ev_3NAOI_8EhhRgYOn-o3vq4K7GLR-5ccoTetPba3jMBFqFW_C0JeQZ4PwO_UOhPzmKHp24TNjX3nRE5JnffVYYtlQ1pKzwU6YqHA2HoP-3UwgAQdtT35l8A85_-2OLuXi8clC525MPvgnNTSd_dqXuDUxwkF9_eo8kOpqd9Qx663lHxJsPmY30OsgCYsLKs9bJVDwK-vBciKY61yU6IRVdUObCBaVWd9-tLCOSepFo4yHHw9YwRCn3iORzvOjKd0Xfcik67Ri24fHUCP22NU1YI9Xxch5lPogyUYeozdbsE2q1BUCwASMhvDmgATgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE8_yshHQEwDYEwrYFAHQFQH4FgGAFwE&num=1&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&sig=AOD64_3NUhFRBdu_B-0nsWjCRS0ZyEH18g&client=ca-pub-1062972861553303&dbm_c=AKAmf-CjHiNNncbFWJODAUd4AVfEVZLoGhlYc9bsIZkryTL62_XLesTxU7uZbveGE_rxO7h3FtNvXjHg1ot_iiCPnMp54kQSFlIBkgS77W0OhyvSiy2f4xoLCEglrQOaUk3qY9mkkgs93QHBYmS58roai0hsVXMsY46HorOUxp_IQIF3qrMAkf4&cry=1&dbm_d=AKAmf-A1YDxT_FI9N9Ds7TNKJU-AYeyjteX1XnMPqRA9Iicy5Nasx2X1qISCwCpmsNO-WIlkmB9u0gDDSFV3pmka3hDjJMvyn5kV-RYP3mKdYGPSXgB9g-2UqL_Z56mNMqYfOwpAc6PHQ5UNSLaG7Zrb80uYQyRe_UXYYzMM2n4QGoqJPhuNSTiZq5Apn3gOm3Rprn3zu-UnoQpQX2kn5n8r06LJ-9EDx5xfKkJVVkDnedGDSY8XhFo8nA4fndQQzyLFZUo6g0rhT_uLduE5kucFY0Q5U3IBicEubsSJ3ymXb3P9C9HwDaZRT_SebMURPvXc2KwllTFxb7jOnYCMwalmqE7hxm1VfuW51OCfgtb-cl7Bhs4VgiKDq60OX1O7oHdX1WaYgc-kkU2VyaWnm6egA3OvG50B7mcMQsHxWOiBF7yzE0iqCDSJhxgcRpKIgzcyK5DkxHAnzWQGZJMUZGEiIth0WISfN1Ryt9TAgAbA1qMMwTUdLISsydZxws5GsmyTBap0rrhO8w-jYSK5KsF1hBE8yIiLIg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 20 Dec 2022 10:21:53 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E9A5 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 03:40:29 GMT

GET
DATA 200
OK truncated
/ Frame E9A5 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7602e043c991f94e5c5099af5b06b6b43e3923d09eb7c1925abcd594b565e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4863 22 KB
8 KB 23ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 14:10:33 GMT
expires: Mon, 18 Dec 2023 14:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame CD05 34 KB
16 KB 209ms
94ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60244283;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041625256&extPm=17041625256&extCr=461742653&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmBSnEA-gY462J8KJgAfD36S4DPKR0cZr14LFrt4Q__WQ49cCEAEghveGJmCVgoCAoAegAZH-0aIDyAEJqQLOG7AQ3cKxPqgDAaoEmwJP0IVxHrNmnWYU3OF_3ZrxdStsH4Kd3eh2WToUg-b4Nqno81LyRvGBuPIXlaSZhmRuUSWeGXiAKOT7K9d68iOhVFtWHUsk_TqyTENJxtOVhuU5SSGsEuwdgXvrW3JCAJIpNywsBOW4dezba4t_mpGsEcJOkNkyN4W5RLSTQA__NjHAFd0i-s-B29a5zkgyqr4UR4EOkAemeEjR49m0bs6FQUkbGv2o-0RvkrQw2HY2RwuydxoAGVRxVPQuu2pS-49jgEhNKkbK10MDV1mSQ_lrpDMf5VBQoP_zyIhowa5a1exwzAbKeSlBnXrkCJ2JgY7bHm1aYRZj9HXd9WcWDEEzw3i4y2fvSeIJZFcCQYDRaUGnMRWF_EbrcrN4wASEnJvD-gPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7T1shHQEwDYEwrYFAHQFQH4FgGAFwE&num=1&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&sig=AOD64_2WRm1wFclKDjSIcNGVgYLSilMvPw&client=ca-pub-1062972861553303&dbm_c=AKAmf-CzT3vxJuxpTBYaVOCEHjk3lBSHNu3BTGAOFHWkXhBCrnHeBH0k60-MwEThyay0MQ4xrU0FfMvSyRMoiXkFFXJ1T7XmtvYZfinJyazRjwreI9A8CM5z79z_D0Ds7Pvyyxlq7G15qhT7SA4jz1TVMVGg7hJuHI1NXPTyZnHV7vgkXcHEiJM&cry=1&dbm_d=AKAmf-BHkUZWKCs96uqnTb-mq64HZfjvf1yB-oV0alYXes3aVWP8qsPceUxrjXqxmZ016j4uTi6EZbajm_KlJ_iPM_DIWShZXexTrh4kD9vlZg7Nf-SmzHeriPbghLWGET7YzsaATLqwza4McdStGyNaCA5E8xN-GEiOLY2Q99zgNPjecSzA1wxLCLWCqt6FHtkuRQvnOmb1aqr_98vkAcOM5r-hvnvsVlwESdLXqyHx1-8XZhoii4qt1UmkIUc7SUXxTQQ5Z1fbZPo6tCeK-Qs-gYDswqSYKytQdrIFtOfwXFyRUjcoN_GdKxEYmaLl8rNKazrTQCkkTt2xuAmoGeyYx4F_uQ7OBh_hzMtM3ZQ98RhzqP-nqd6pLR_b88Mh0PhaZzKVdX-kGGYnMy-5MjxTkFM6gx-i0Eh7GaLmHypUoHDJZ0ud20WDu2CvUGwJRm0wfuaSl2n5vDTiQ9oQpGsI7OlK2oQbcjmLN18OosNKr9QI6cdvrdsGrwmYlD-jWMHRb2fel9pOnT7YBE5VNyrKToucfkFmxQ&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 20 Dec 2022 10:21:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2554 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 14:10:33 GMT
expires: Mon, 18 Dec 2023 14:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 avpb7.12.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 9B64 62 KB
21 KB 20ms
20ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdultleqjIWPilsD-wES2slq04ovHvcXHBHjM2lZJgXpnVjIVrPpILpPkZa1Y2LEdN3O4E0bTnwY9Mi2gIhsNTaR
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20450
last-modified: Tue, 13 Dec 2022 08:13:33 GMT
server: UploadServer
etag: "4fef592811250ddfa401ef802ab64cfc"
vary: Accept-Encoding
x-goog-generation: 1670919213139487
x-goog-hash: crc32c=w7Xe4w==, md5=T+9ZKBElDd+kAe+AKrZM/A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 20450
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 19 Dec 2022 07:23:21 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B654 178 KB
45 KB 19ms
18ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: HTTP/1.1
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:10:40 GMT
Content-Encoding: gzip
Via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1, FRA2-C1
Age: 162
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 17:02:43 GMT
Server: AmazonS3
ETag: W/"9678e76b6e6295571547f8fe5df68b88"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: 2pGa7U3W8F0cgDj_6X7KrerzOzcIBVcUgCWpcBDuUgNkMbNPFo-miw==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9749 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 14:10:33 GMT
expires: Mon, 18 Dec 2023 14:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6445552857688266089/ Frame 3E1F 8 KB
2 KB 62ms
19ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6445552857688266089/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee6ddb41d43502414b750d682c6c02cfb5ced519af4d9d3aa5bce26b38563dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 163915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2464
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 09:41:26 GMT
expires: Sun, 17 Dec 2023 09:41:26 GMT
last-modified: Wed, 14 Dec 2022 10:01:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E9A5 0
0 133ms
66ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunblFEZfed3Bto1sXwgJHSZvMya9TiPFnIql02DfKH36mnY6vLZrHETulyY2hJPvcY9aUPkbduADjZJ601bINkMDMvLpCI2wvi46MpC3SvljoihBUDRJbNaY1UBfLkJBYp3XjoJ3Wad6DpU8n2n6g9t_L5fzZj1qpCDSfiw1jj03dzT9Acs-VWnNHMSpVnfvT7UzBghDfvBNhIh8vxMD42RXtk2crkZRcDz8iF67hqsx-V6p64YDZdj43Z76aAioUA4plObJ7ZvzAKgXWjDRrNgPEafnDkwYdmTXk_JylE7dqlBfE9ow8cGHT1YXOnXMKh-SjRXtUzpjWDBWPCAWeLhgY8LbhnEBSsuxfyaSMMd2rL_c7Jp27aouTfxbqrqurgCc0aVq-avQi_7y0hlBhTaaRmTiWl3NR23I18K2Dqh1ZN6FPgecQc0OzLId0wEb4mDj6ujLlLugi17fe6Wyvrdj9lGtw27hXbsse4yTuOI2LBV2QnLd5GH7Yy3GKkbdHsMqdpoONxLJ6Prwu67z3Qa8ryb9gFUzBjWW0Ly54RJsOhq-4Rx2nsmIW7rg2Sy_hMjsDfUTe37QfaRqmFO6KVfke8GVtqOp84vYb7xIL_sm8stD6QIe47vd4zCInCfoMSTY18w_F4-VZT6xNFj6fQsUCOSYiBWpDNQdRNiVG3raXBB89DUM61ond8TYXpPBaWJayLBb2SLhx3SnTZ1IJ1jPJWSqr18Mxurn-rMpxiiaxG23ab22_9-QAkpZoQwIRs-IwWapm8s0um0-NqH7LY-KGTj_C7-1Mtn_aA5SaLqq8x6uLzD18RFdQAlSjpsnm0DumfJ07ThL5khLnHBpywyIpiqlp2PiMem-rHYaZx-hcCoQn6hq7fWC9pXBDiz7eEbmKNoq-Cs576I8GZvx2uRn4cMtzR2cT2QvZjbrHKWtuOMsIC7-Pge8we_bx1MPiKuQh3-SV2-AgS-YjD-GronfvrxegoJHqGGQsqiPtPRqTtVdL4vaEvvnwJRxREWy64Cd0Mzp-K10-aDGFhDRKVS_imhsqtXYpFM5bQ-7xX5kW9QxITDWndJXQpuojn3s7I42XZgD8Ia33U7b7wEkJVQMAbVC35z2ETAHnmxs6v4y_HPx0z9MlW48ZHt1fA3JqVogzJ4KlVMfSU2_C407-ALDsJC7A_Af8DigvlyFtopZ1X3uvNdiIhs9j4J-4GUFzMb9KbhnGGsmogZgoO0XzOT1NJDIaMO9J7strx5PaAuzKOv0ijiPUX1iiQ90fnDaoaFF-zeurG39VOWQldOR8vLnu5W2WGTZ8z3Q&sai=AMfl-YQyBT7qFsOxPvZf4fqCfLfebKRsnyvpEPU_zPd_ipLBsT8AJJubNcOSOgN4nq5ntCyWuZyoT_VozT07Y3hwYN2pkOVzf1TOZB7gl2_2HL7UGDgP-CMoS6LzxO2WbBj95tJ6EepBktwOHKa6-Y6v5MivGQox2TFwRdSIIGE-v-q4AP6rojLS0lH2nR7FxlYD5WsMqUIbZNt7OPjlpHCJmgwfXh_lgsZJmxUuCuzPitR-dUm0QN1Kimnbxqo6_2jlkQW9A--_RMVWIAmPX1znwWLZcLl-eEB2qZWgpjeweA&sig=Cg0ArKJSzEFubRkCYTI3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=191&cbvp=1&cstd=186&cisv=r20221207.95997&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 07:13:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E984 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PPgURQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
283 B 62ms
62ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?tvi2=4411&route=AM%3AAM%3AV&lti=deflated&bulkSize=14
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 13
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220046-HHN
server: nginx
x-timer: S1671434002.758562,VS0,VE13
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4863 36 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 19:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 19:24:54 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 186 B
411 B 871ms
812ms XHR
application/json 18.157.51.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.51.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-51-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 795cd1dfb0df85235d312a69a57b5a67400e894f228f0921299f90b3fb602cc6

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2554 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 19:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 19:24:54 GMT

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B654 6 KB
3 KB 21ms
21ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
Content-Encoding: gzip
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Date: Mon, 19 Dec 2022 07:13:20 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 2880
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 02:43:04 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: m1m4qgWPWa96z4vQApju4qeql9LA5OidV9eflFcKxx3f_47o5OUTWw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B654 0
312 B 46ms
46ms XHR
text/plain 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=24b39613-fd0f-4009-9189-976a7d9bfd3d
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:11:07 GMT
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 133
x-cache: Hit from cloudfront
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: aKFSzYkMGXpDL4z7N7BwYE1bBK6uVSJyvY4WejzJR8FxsyIiBv0THw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame B654 23 B
460 B 85ms
84ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=K4cauvpb4SSAm&cb=0&ws=1600x1200&v=22.1212.1511&t=8000&slots=%5B%7B%22id%22%3A%22VidCrunch_Video_Desktop%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!vidcrunch.com%2C62da3b626cdcbb44f25d16d3%2C1%2C%2C%2C&pubid=24b39613-fd0f-4009-9189-976a7d9bfd3d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: JNG8FVPMC574NBMTN3PZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: N9GPb4j5xfSsADDE2cViAGR8NMTrkx25gfw1X-8Riq5ri5ezcSL2UQ==

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3E1F 113 KB
39 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6445552857688266089/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6445552857688266089/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/6445552857688266089/ Frame 3E1F 6 KB
3 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6445552857688266089/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6445552857688266089/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d083967126ab505435dc2d296e5887257c0b0025dd318f16e27f94c9d9df82bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6445552857688266089/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2610
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 10:01:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:30:25 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9749 36 KB
16 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 19:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 19:24:54 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 12B2 2 KB
1 KB 96ms
18ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=60228056&sid=1523392&dvregion=0&unit=160x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037585&aucrtv=56685799&auadid=1523392&c6=1617446&c8=&auplc=9041739&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=i14pro_winter_221212_tec360a_160x600&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2022 17:24:35 GMT
Server: Microsoft-IIS/10.0
ETag: "a15e57c517fd91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame CD05 2 KB
1 KB 76ms
20ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661572&plc=60244283&sid=1523392&dvregion=0&unit=300x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661572&auorder=84037586&aucrtv=56693250&auadid=1523392&c6=1617446&c8=&auplc=9041754&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-nta--Tracking-SIMONLY&c3=PD_BC-215-nta-all-PRE-Tracking&c4=simonly_winter_221213_tec363a_300x600&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_nta-all-tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2022 17:24:35 GMT
Server: Microsoft-IIS/10.0
ETag: "a15e57c517fd91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 commerzbank_smart_728x90_v2_js.png
s0.2mdn.net/sadbundle/6445552857688266089/ Frame 3E1F 40 KB
40 KB 20ms
20ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6445552857688266089/commerzbank_smart_728x90_v2_js.png

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30499f108a4ccc142603f89844eb3c740fe6c3ac89852d2f8c18116a39c374fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6445552857688266089/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:30:25 GMT
x-content-type-options: nosniff
age: 337376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41265
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 10:01:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:30:25 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E9A5 0
0 95ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunblFEZfed3Bto1sXwgJHSZvMya9TiPFnIql02DfKH36mnY6vLZrHETulyY2hJPvcY9aUPkbduADjZJ601bINkMDMvLpCI2wvi46MpC3SvljoihBUDRJbNaY1UBfLkJBYp3XjoJ3Wad6DpU8n2n6g9t_L5fzZj1qpCDSfiw1jj03dzT9Acs-VWnNHMSpVnfvT7UzBghDfvBNhIh8vxMD42RXtk2crkZRcDz8iF67hqsx-V6p64YDZdj43Z76aAioUA4plObJ7ZvzAKgXWjDRrNgPEafnDkwYdmTXk_JylE7dqlBfE9ow8cGHT1YXOnXMKh-SjRXtUzpjWDBWPCAWeLhgY8LbhnEBSsuxfyaSMMd2rL_c7Jp27aouTfxbqrqurgCc0aVq-avQi_7y0hlBhTaaRmTiWl3NR23I18K2Dqh1ZN6FPgecQc0OzLId0wEb4mDj6ujLlLugi17fe6Wyvrdj9lGtw27hXbsse4yTuOI2LBV2QnLd5GH7Yy3GKkbdHsMqdpoONxLJ6Prwu67z3Qa8ryb9gFUzBjWW0Ly54RJsOhq-4Rx2nsmIW7rg2Sy_hMjsDfUTe37QfaRqmFO6KVfke8GVtqOp84vYb7xIL_sm8stD6QIe47vd4zCInCfoMSTY18w_F4-VZT6xNFj6fQsUCOSYiBWpDNQdRNiVG3raXBB89DUM61ond8TYXpPBaWJayLBb2SLhx3SnTZ1IJ1jPJWSqr18Mxurn-rMpxiiaxG23ab22_9-QAkpZoQwIRs-IwWapm8s0um0-NqH7LY-KGTj_C7-1Mtn_aA5SaLqq8x6uLzD18RFdQAlSjpsnm0DumfJ07ThL5khLnHBpywyIpiqlp2PiMem-rHYaZx-hcCoQn6hq7fWC9pXBDiz7eEbmKNoq-Cs576I8GZvx2uRn4cMtzR2cT2QvZjbrHKWtuOMsIC7-Pge8we_bx1MPiKuQh3-SV2-AgS-YjD-GronfvrxegoJHqGGQsqiPtPRqTtVdL4vaEvvnwJRxREWy64Cd0Mzp-K10-aDGFhDRKVS_imhsqtXYpFM5bQ-7xX5kW9QxITDWndJXQpuojn3s7I42XZgD8Ia33U7b7wEkJVQMAbVC35z2ETAHnmxs6v4y_HPx0z9MlW48ZHt1fA3JqVogzJ4KlVMfSU2_C407-ALDsJC7A_Af8DigvlyFtopZ1X3uvNdiIhs9j4J-4GUFzMb9KbhnGGsmogZgoO0XzOT1NJDIaMO9J7strx5PaAuzKOv0ijiPUX1iiQ90fnDaoaFF-zeurG39VOWQldOR8vLnu5W2WGTZ8z3Q&sai=AMfl-YQyBT7qFsOxPvZf4fqCfLfebKRsnyvpEPU_zPd_ipLBsT8AJJubNcOSOgN4nq5ntCyWuZyoT_VozT07Y3hwYN2pkOVzf1TOZB7gl2_2HL7UGDgP-CMoS6LzxO2WbBj95tJ6EepBktwOHKa6-Y6v5MivGQox2TFwRdSIIGE-v-q4AP6rojLS0lH2nR7FxlYD5WsMqUIbZNt7OPjlpHCJmgwfXh_lgsZJmxUuCuzPitR-dUm0QN1Kimnbxqo6_2jlkQW9A--_RMVWIAmPX1znwWLZcLl-eEB2qZWgpjeweA&sig=Cg0ArKJSzEFubRkCYTI3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=401&vt=11&dtpt=210&dett=3&cstd=186&cisv=r20221207.95997&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:21 GMT

GET
DATA 200
OK truncated
/ Frame 3E1F 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5875e49a2696039a2ea407e4e0febb942e0f73bd973698d7ae2980f22f23c0b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 3E1F 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e0a21250317405f5c346190a17c3f72e4f443c243261ce20916a185ccbc802e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42828709ad91aa444517749cdd56dc665ef9419a859d7b40fbb1505ec76338ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c6e72ee524a5beb9bf4c616f50d29b0d69b4bd6d4161dd2d531961c61705ca5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28e530a17d146e0b28568569a6cfebbbd14d29b082dba71518117ecbbf1620fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcad94dc5217edbe940f0e33215ac715a9675a2bfbed59e9804047791eb8f864

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame 12B2 59 KB
19 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=60228056&sid=1523392&dvregion=0&unit=160x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037585&aucrtv=56685799&auadid=1523392&c6=1617446&c8=&auplc=9041739&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=i14pro_winter_221212_tec360a_160x600&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:21 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
DATA 200
OK truncated
/ Frame 3E1F 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88e93d5a10c5ebe9b3637d612334bd0bcafc87f9b24d3aa8554102b3b22a5029

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 454332f68d1cf8857bffca880a4524c0dea98499eee0be1262dc34923d4f5c96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da3eb7670eaa8f33cbec5f35ef157ae63ddaeaf3b839a6d453b074567a972f26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6921c4ba179bc7669521b1ce2ea9be93fcce81a5de388da7e906ff6722417a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E1F 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cba99b67be4f1ca2fee50b1ccbad96f5abd3bb8f8d3518a6616b3fe0bff4bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame CD05 59 KB
19 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661572&plc=60244283&sid=1523392&dvregion=0&unit=300x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661572&auorder=84037586&aucrtv=56693250&auadid=1523392&c6=1617446&c8=&auplc=9041754&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-nta--Tracking-SIMONLY&c3=PD_BC-215-nta-all-PRE-Tracking&c4=simonly_winter_221213_tec363a_300x600&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_nta-all-tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:22 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
1 KB 19ms
19ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: HTTP/1.1
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date: Mon, 19 Dec 2022 07:13:22 GMT
Via: 1.1 varnish
x-amz-request-id: RXPPRCR6WSZ12407
Age: 18481
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: 6HRI7LUqTe5ZMnAAeDpkOqm2g/lgGiuzwqHLIoWfYP0ln7ampDPEtLDVJn9C0zLIy0PK+xJJTPA=
X-Served-By: cache-hhn-etou8220043-HHN
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1671434002.044300,VS0,VE0
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type: image/png
abp: 3
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 6230

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 12B2 1 KB
902 B 143ms
26ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_4899501395&jsTagObjCallback=__tagObject_callback_4899501395&num=6&ctx=11655933&cmp=2661571&plc=60228056&sid=1523392&advid=&adsrv=&unit=160x600&isdvvid=&uid=4899501395&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=108&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=56685799&auorder=84037585&auplc=9041739&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=i14pro_winter_221212_tec360a_160x600&c5=DV360-donotuse1&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEATbpTauTauF%3DEC2DFC7%3A%3F8%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauF%3DEC2DFC7%3A%3F8%5D4%40%3ETar9EEADTbpTauTau55%6036_b376c_552cee25ef7a7g372edh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.80&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_4899501395
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 55a07bc34f854a981a73db288468398c3c44c1bb5041785b2b6693123af69603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:22 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/18/2022 07:13:22

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame CD05 1 KB
904 B 105ms
27ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_361125669188&jsTagObjCallback=__tagObject_callback_361125669188&num=6&ctx=11655933&cmp=2661572&plc=60244283&sid=1523392&advid=&adsrv=&unit=300x600&isdvvid=&uid=361125669188&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=108&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661572&aucrtv=56693250&auorder=84037586&auplc=9041754&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-nta--Tracking-SIMONLY&c3=PD_BC-215-nta-all-PRE-Tracking&c4=simonly_winter_221213_tec363a_300x600&c5=DV360-donotuse1&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_nta-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEATbpTauTauF%3DEC2DFC7%3A%3F8%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauF%3DEC2DFC7%3A%3F8%5D4%40%3ETar9EEADTbpTauTau55%6036_b376c_552cee25ef7a7g372edh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=2.60&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_361125669188
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 5862fbb6164ba889590b746bf055af4360239d7fc33ec8f33df04f848e19ccb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:22 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/18/2022 07:13:22

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4863 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBNvMEQ-gY6u9FsyS7_UPk_-JuAsAAAAAOAHgBAI&bg=!lZalltLNAAYgquz3AKo7ACkAdvg8WhrchafvymULKWXl-T0j7Qvo59CEXd5JsdFUbz94_jCN9rwp8QIAAAEgUgAAAAJoAQcKADA0i94d48xjvYQSsu2ubuTmuaeH5cjjNy5735CSMSGNTyhEhkCdyx56n7-r_P54vlCZAyb23pbIVPV8kPkBYJpd1sAKKVsEW3zoMotXJ3UhKF50R860gQ7o1ieUmSEt5DeMz5mUz10uHRiumMugfhB4s-lG0s9FAua-RSNAAci4Phs2S800_2awEVmO-7YgTwmrVmIMR_AzBX6BDVMuFyCiNp4WK5TF1lfFgg9c8YgDTO0A5AEITBWGXBHxZDPdQuam74pE_riMfveR76spT-30_FlIP2eQoemROiRAFfor9ukf26iRgcpEzs0RsT-ZMgWBNoQff53F1FFX1c8Gs-8lnICfOhngnKjnm7wZQ0ijyNdwSkgVHdYid5FgbMpB_TiG8GwmFR9WdmnaV1gWKKzIv7Z36PXjTAo-qD6GTyA_f5VyIpvBNaGZFubadzraMGJj3tozyK_siJVVPss0KJ4px-4uXYRKoLkqa-MzvuAf0-7NtbqSVWRmJSP3HKFeo3LImMInR78cQNNv7soYsfRBdtQgGvFcfb9O5Qvpohgprq88Cgb2-sNKMmDZ4MjAchIegsTloFip9qjmZdtwGGMC0GJPKAar-S4ywZoIy0c2y2Pyo-RIU9mdY_4KF3We1tnzAXla-FxQ6PIfqCgEqarBhYSI5kw6UutthFGXTFNw-zG2FW8fBQKzJ3m-FJeuN0NT9JVLsYsFXbxWiHWJKgovOM8UjMt6HOZCD1xjyP9DcZvG8t5w4oPEWiVWUW_rFyLZ1aBbaP3GvTsN9DkoSa9UH9roSK2csNp5pFQ4rIB61ON5SiOGLdOwVwhKQXWm4xHbPq_fh2F6tFvA1-zR9Kz4fe2OZ9KXjFbIUANYfkH30qLy08dId0qy2MhlO0va-GokKgelmKhmihH-EvjN4RwTqpkfrpxgFQzwp5CBfBdVHOlwRS9zjgTSX5mt3G3wNLY2nzZwBcqVpFKJpNY4eA_-MLlsofjTB6yxhUUClUPiBAiC4KnTd7JG0EhJw3EaNaEXMvwhBz-O98n-UVbOIAVIANQBq-QgXVbvIwOj2VhP3bdDacVncoXyYK7vaB8Yx80FzqiUqlqWVPWMier4ut_LWSThxOIoUpbh06KSw0yde-QWSzFemHK9rA

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2554 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNkh3EQ-gY5--F4rt3wOXlqr4AgAAAAA4AeAEAg&bg=!aWqlai7NAAYgquz3AKo7ACkAdvg8WqG6Il8igOlqOXcXE5YuNS4zkpT3eK9vc4NW9qn6uH0FZSrTSgIAAAEcUgAAAANoAQeZA0KkQb0ZJgD8KkE9UIHdAlHidJ-JEE0w-0FR5xCM_XXlcbXK-Vbn6HZeG6rsVixp0JchgKT9Y1PfHND74iGtvXl6bMbgNWe-3QtuLVyxFi2amynkWYdrI2YLoQSzKDCllmyFiEHrJJAjwCUAamkOIRgBPrCtCo0Nq_2kFx06wcwGi_M0FuKV3dKO01qnWSohawfHCgdfUjmu-Zmp6KKYsHuToF-UTxJDp_fEVOrZSwzMLHiXvngZSdz2Oa7p0w9xHchr5XR73qhdBGq0TVEWZrNt2ya08Oy8FrQ244I_xyMA_J83B51zBtiZUQyMf40imcx76EOEgQJQXxOi0ThVzzIJBP6gNjsx420wpTk5gg_w7w5qp1lTc1VsmbWQbGnusRzFw4-6rCmJHhCPsBCX_F8H3AEQHBvLbHmSwZ4SUT8YEpRY1xkJCimKU1AnDbkzIfQS7SQFLh4V0amaAYS0ngZg-p5lpc8lbNYjYnBcPSCAeqFcqaHljeX8zuXpa7D1A9iI-LJJjXut78ZJwHyC0W-tFrTgw9stzcyxHiHO-XrFJ1KIf8BS6Pp6Av9YI5tRYCZehDwrPkfSSTcH5HByuN0uumap6tdPFA60O4wXUq1yFIGJILQfNFvO_6t_UH1OiMGnCxvAGQWUKJp26c1-nrjwYmDPPgExvOi-VMGwcpTRsM1UFstdyhou8rxWBjx8jvuDbdohNx_5R9t2KsyUnc1xHHDy9doBW04Oq0eEzTUk-V1ZHPXspQhFs1IdGI3HyewNzqxWEfxBNtIypmRWnemDOBsDDQMqOIQjm8DTSbGokFiJ5XwL1k-zxbzPBrsramge5FKidW51N2kLJvLjmtGeECO8AIn71dKWCwM4IOq-pUxY40zfGX6zhf1XfLUJxkKsNer9mdC62fKYweGXQUb9Xdq0BAatM_fEyYZjGHTmRevEsXRodlEFsYmaEmg3-ELbfHpuHXKM68ilH_3tq_oQSM7iJCVLs20w63YUIy__mzPS7UHDPuw93jjzp7mU7gb7MqN3NNw0Pxh3yZH4wUnFXKUN18dp3WLT8PYeJxshJkU0aThrwOhOr4jOPFntj57FbafDzSkFQjtFn5FnkKV5C1o

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9749 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-WUREQ-gY6T3Fqq99u8Pws--gA8AAAAAOAHgBAI&bg=!5uWl5aHNAAYgquz3AKo7ACkAdvg8WsL73yEY0ZPcL8tVRTvjw-0rgdvLwv6RkM2BkKdThZynysd8hAIAAAEBUgAAAAJoAQeZAzhgfak51hJS3Nben4nDlsFf-gRV8EMQJgxpXAi6D9bmhpMp_P-V2al9s4wd6FyjRSDTC9_Kii3x37Y6EdzcAX3H4wnLAJ46RWpifdn6e3p7neMtE8qkG-S1KmU62_3M40XHf3MQ5TBufO_6fs3ztwgy7BINL7x5ZSIKUQfxGw4kPQpA3erym-ApUFcadqiQT18Oue8hEudahoWwMqOi05LYik1CmTSgjjRu0rLMShN1w3DBEFOv_v8m6sYxlRZiNPD4-IdJgyF0rrPvJS9PvSPrRcMERp4eJvJqzY-0F80-ypyBEkRkldpbPVWkkSrvHYkhUd_UFlSZTn-xelTHAIPjPFz7VO1cD-OzNbC9Fik_u0runBwRb39is9BujUZ2EjNFkVszBKtTL5nxfCj-3_xVHpIK8DwSU7d4ZIZeycqTVstEfAswCwMwYNAjY4YZlMalF24MAxd0Hv1COaL71sFsG3RCOZAuD77B0XYoxEYFJc_zu3b5rK60bEqvBcSW3n6M96VEr92lVOgX04aPD6NdROnSjFBsE88pIDnearE0OdaXnJbAF6vvAdqpMsJG8GYFWuiKIuZ7UHUTsZNWeFGFy1U26mJC9LLSH7pzX2Gas_rkt9HxrcVuhP_htQrurV3UeH-QyCuyPF3BdKylgm9KpkYX1RVZvznkGsLVATWefPZNAoRC54lpoR_9NVS4ij-s2lEDgr40kCes19_qGDs4DvXIXX3YVPZ2vsTdUiBKFNTv0PIrJZj1T6WZS9s1y97qLuYiBwqMzDWaGvmGkqDbgUQgO3Dn7-l-5qhhv3mgf4-2eifCoMaZgW-g-pPasdo-1sY1UyIk1CxRsKl8BSJtx-MdoiFcm3Mh7Cb9gNtoPELn0dkQt8XLh0huH73Jdq3i697k8eYlZvyBspU29gyVrcZHyGPvBvaZ8-4YMJywpJ1Lw40RDGwX-xKIJyPhxgrhVs_2WjrhLYyhe_i4GkuyFzHk-iSyAIc8s0czx7tv3kG1HZsDnUtfw6GHcF7zrPcfbY4Sdq8iOsEE4BL6tptgHEHpN_tKQvvGM5KgPQgqeEoZcHj2shq4yg0jeQzSwKCt_lE2Yr9McA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 12B2 0
234 B 61ms
21ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=9187e5e474a14aab87dbf80f987d714b&vfdur=144&cbust=1671434002223141
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:22 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/18/2022 07:13:22

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 12B2 28 KB
11 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:18:59 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame CD05 0
234 B 60ms
21ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=687a7a3b251942059a222df17b4d3e5a&vfdur=106&cbust=1671434002225468
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:22 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/18/2022 07:13:22

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CD05 28 KB
11 KB 63ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:18:59 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame CD05 60 KB
23 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 01:33:10 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 12B2 60 KB
23 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 01:33:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2492138058212635&bg=!ExClEFTNAAYgquz3AKo7ACkAdvg8WlLw7hzz_v6XrNgnSVZ3LPn-1uyjXiS8FSnQuzhcACtGvifsqwIAAAF6UgAAAANoAQeZAuV9HXzcTfE-rwy-KHVysFhVdy5WdIZ0XNnj6EmI1cakGqozsWmrsdzOfKrleOc9HLUJnryGphORAZOl8rQezq336CgIO70kzvy0px8omQcJs4UhTYgoCSW6RjF6rFdUJFZhlFiYfiX65fkimhJzOhnB_mD88MGrlwiuI-w2KLqVGudQStm36PY-Z8b2lixm_8d71-ULNwB-Y8fTJaw2IRU4Us3-penuhGPB9zr3BiEC-awoHdb4zeJ2DE8My7qSmUTicRLkJhmvti3QFKCoj9EjxZY6aEP0dVz-wX_sbv4uWRde--IF5HUnZmu0rN4u76XCYZEaUSSVNhduOvkcUkUdJ3gLmlfFAW4H8Pl1xKxKWJLKsPfwlzJWe2sZilrPo-SHXKkY1YNuwt9zvLy_EZxy4OXfRcKtK25-sn2_5C9lS8TPQCscCY2wuGzLkioxlCzNCpBMJeePg1zYVO8gLt5dVXyFIaFL_5cvDykRierm-qM-3GjmuV98E33W9t3-0ugq5DG9XXzwt6ym4WQF0yyKua9NXgsCvHDMjEIsrFIUO5gkXZgUZf9b3t8UD3UkZWTxuBdYqMzeJcYSVQ-ihwqyK43vFyXzwRSgMhkJE5TZJ7o3DrQZjm1XuThoa72kToFmNKEC6aJi0Cqdep1OmJctp_BaAyvcFnnPZ9jMj3TMASEy8Uek49HXdxcNP6HKcOdQlAIvlbIE6t3akegxvcpKarrn4wQvjLhMs2f7HA7CfBVEMd3YjX2EALj86o8GJ6phs7BlqM16Ba1fJX-wad95EnEhJOdrLH3B9LGbvkI2a7Tn5kTiSxc2hRJ8kk20gOt__77-KbKp5nZ5BpZOpoQ6iH7h8hNZoae_6zKywlIn5F4R9V4BDvWQKElN9anaGEOLNFH33BPGTdHGZE0XoAwsX6orQhaOQ10vJd8igE9OhV7ZjIeguczE1eJu2Pfcd1wwWsYDlHLOl42Za4SaUlQFDKfLj_k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=394609732;ord=mkl7z0;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=37;prcl=s Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame CD05 53 KB
26 KB 112ms
52ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=394609732;ord=mkl7z0;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=37;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

b8f54297c2fade04f9b0dc822f8ae855ec65c01af3338aa81440fc3009649d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25844
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9689862.280626343;dc_ver=92.271;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3395800992;ord=2mx02a;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=40;prcl=s Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame BF00 52 KB
25 KB 117ms
69ms Document
text/html 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=92.271;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3395800992;ord=2mx02a;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=40;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

0f035e6b8ab29bc58f9f03a6c48d11726f4e32d977791e67b9888ee31ea48cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 25633
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 07:13:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame 12B2 0
334 B 43ms
43ms Script
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60228056;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=461671819&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjOyDEA-gY4y2J8KJgAfD36S4DI7zsMZr67TO1PYQp-uivcABEAEghveGJmCVgoCAoAegAZH-0aIDyAEJqQLOG7AQ3cKxPqgDAaoEmAJP0IOwDAHXFZD9-nHvruY6h0v7br3f1Vxy9PGSMCJyaghqU4o0xMJzdXP9rlSf9jG7i4ev_3NAOI_8EhhRgYOn-o3vq4K7GLR-5ccoTetPba3jMBFqFW_C0JeQZ4PwO_UOhPzmKHp24TNjX3nRE5JnffVYYtlQ1pKzwU6YqHA2HoP-3UwgAQdtT35l8A85_-2OLuXi8clC525MPvgnNTSd_dqXuDUxwkF9_eo8kOpqd9Qx663lHxJsPmY30OsgCYsLKs9bJVDwK-vBciKY61yU6IRVdUObCBaVWd9-tLCOSepFo4yHHw9YwRCn3iORzvOjKd0Xfcik67Ri24fHUCP22NU1YI9Xxch5lPogyUYeozdbsE2q1BUCwASMhvDmgATgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE8_yshHQEwDYEwrYFAHQFQH4FgGAFwE&num=1&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&sig=AOD64_3NUhFRBdu_B-0nsWjCRS0ZyEH18g&client=ca-pub-1062972861553303&dbm_c=AKAmf-CjHiNNncbFWJODAUd4AVfEVZLoGhlYc9bsIZkryTL62_XLesTxU7uZbveGE_rxO7h3FtNvXjHg1ot_iiCPnMp54kQSFlIBkgS77W0OhyvSiy2f4xoLCEglrQOaUk3qY9mkkgs93QHBYmS58roai0hsVXMsY46HorOUxp_IQIF3qrMAkf4&cry=1&dbm_d=AKAmf-A1YDxT_FI9N9Ds7TNKJU-AYeyjteX1XnMPqRA9Iicy5Nasx2X1qISCwCpmsNO-WIlkmB9u0gDDSFV3pmka3hDjJMvyn5kV-RYP3mKdYGPSXgB9g-2UqL_Z56mNMqYfOwpAc6PHQ5UNSLaG7Zrb80uYQyRe_UXYYzMM2n4QGoqJPhuNSTiZq5Apn3gOm3Rprn3zu-UnoQpQX2kn5n8r06LJ-9EDx5xfKkJVVkDnedGDSY8XhFo8nA4fndQQzyLFZUo6g0rhT_uLduE5kucFY0Q5U3IBicEubsSJ3ymXb3P9C9HwDaZRT_SebMURPvXc2KwllTFxb7jOnYCMwalmqE7hxm1VfuW51OCfgtb-cl7Bhs4VgiKDq60OX1O7oHdX1WaYgc-kkU2VyaWnm6egA3OvG50B7mcMQsHxWOiBF7yzE0iqCDSJhxgcRpKIgzcyK5DkxHAnzWQGZJMUZGEiIth0WISfN1Ryt9TAgAbA1qMMwTUdLISsydZxws5GsmyTBap0rrhO8w-jYSK5KsF1hBE8yIiLIg&adurl=;js=1;adfxid=1x;8238;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=http%3A%2F%2Fultrasurfing.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
DATA 200
OK truncated
/ Frame 12B2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cffd514a2f59cde448b11062c9fd634c50f37c188c0fe3cd26cbcd3b17737a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame CD05 8 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=394609732;ord=mkl7z0;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=37;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 13:02:25 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CD05 0
0 56ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssagf0UndpzX7yUnPsJYsTHsveFdNj67vhuP_6kevrJi45Sofp49uln-QTSRZCGCozqxZRq77wwsCb78JXxaivxVML4lsSU_qnhWaZu6WW-UMal8cxK3kL86FPPWbNg0DTET7QaSTzB-VNkdqs8aAybfHe8hvuvBspH&sai=AMfl-YR2fr9bpP3z2915Fig5Ldw7BWzmPexO6JyN-LMD2lRamidcz8-r_vP6IRnDTrt3N8SpeqlN0SmI2s_tBgpFWj7O7j-Fg9c5P2nEhGEQ&sig=Cg0ArKJSzFkDiEh1JKIQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20221207.87234&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
H3 200 11395972518873542780
s0.2mdn.net/simgad/ Frame CD05 298 KB
298 KB 20ms
19ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11395972518873542780

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff189758d75309cf2ae680742df627ea16c4417d9565412a97f4e3d4753d9dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 03:24:33 GMT
x-content-type-options: nosniff
age: 186529
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305385
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 15:42:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Dec 2023 03:24:33 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DEFA 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 14:10:33 GMT
expires: Mon, 18 Dec 2023 14:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame CD05 0
334 B 44ms
43ms Script
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60244283;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041625256&extPm=17041625256&extCr=461742653&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmBSnEA-gY462J8KJgAfD36S4DPKR0cZr14LFrt4Q__WQ49cCEAEghveGJmCVgoCAoAegAZH-0aIDyAEJqQLOG7AQ3cKxPqgDAaoEmwJP0IVxHrNmnWYU3OF_3ZrxdStsH4Kd3eh2WToUg-b4Nqno81LyRvGBuPIXlaSZhmRuUSWeGXiAKOT7K9d68iOhVFtWHUsk_TqyTENJxtOVhuU5SSGsEuwdgXvrW3JCAJIpNywsBOW4dezba4t_mpGsEcJOkNkyN4W5RLSTQA__NjHAFd0i-s-B29a5zkgyqr4UR4EOkAemeEjR49m0bs6FQUkbGv2o-0RvkrQw2HY2RwuydxoAGVRxVPQuu2pS-49jgEhNKkbK10MDV1mSQ_lrpDMf5VBQoP_zyIhowa5a1exwzAbKeSlBnXrkCJ2JgY7bHm1aYRZj9HXd9WcWDEEzw3i4y2fvSeIJZFcCQYDRaUGnMRWF_EbrcrN4wASEnJvD-gPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7T1shHQEwDYEwrYFAHQFQH4FgGAFwE&num=1&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&sig=AOD64_2WRm1wFclKDjSIcNGVgYLSilMvPw&client=ca-pub-1062972861553303&dbm_c=AKAmf-CzT3vxJuxpTBYaVOCEHjk3lBSHNu3BTGAOFHWkXhBCrnHeBH0k60-MwEThyay0MQ4xrU0FfMvSyRMoiXkFFXJ1T7XmtvYZfinJyazRjwreI9A8CM5z79z_D0Ds7Pvyyxlq7G15qhT7SA4jz1TVMVGg7hJuHI1NXPTyZnHV7vgkXcHEiJM&cry=1&dbm_d=AKAmf-BHkUZWKCs96uqnTb-mq64HZfjvf1yB-oV0alYXes3aVWP8qsPceUxrjXqxmZ016j4uTi6EZbajm_KlJ_iPM_DIWShZXexTrh4kD9vlZg7Nf-SmzHeriPbghLWGET7YzsaATLqwza4McdStGyNaCA5E8xN-GEiOLY2Q99zgNPjecSzA1wxLCLWCqt6FHtkuRQvnOmb1aqr_98vkAcOM5r-hvnvsVlwESdLXqyHx1-8XZhoii4qt1UmkIUc7SUXxTQQ5Z1fbZPo6tCeK-Qs-gYDswqSYKytQdrIFtOfwXFyRUjcoN_GdKxEYmaLl8rNKazrTQCkkTt2xuAmoGeyYx4F_uQ7OBh_hzMtM3ZQ98RhzqP-nqd6pLR_b88Mh0PhaZzKVdX-kGGYnMy-5MjxTkFM6gx-i0Eh7GaLmHypUoHDJZ0ud20WDu2CvUGwJRm0wfuaSl2n5vDTiQ9oQpGsI7OlK2oQbcjmLN18OosNKr9QI6cdvrdsGrwmYlD-jWMHRb2fel9pOnT7YBE5VNyrKToucfkFmxQ&adurl=;js=1;adfxid=2x;1043;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=http%3A%2F%2Fultrasurfing.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 16441750131771963665
s0.2mdn.net/simgad/ Frame BF00 40 KB
40 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16441750131771963665

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=92.271;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3395800992;ord=2mx02a;dc_rfl=1,http%3A%2F%2Fultrasurfing.com%2F$0;xdt=1;crlt=TOL-GBN_1k;stc=1;sttr=40;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d162f1a957634c9f376091ae016a94b3bb7e9b11830eafef203201156289f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:26:42 GMT
x-content-type-options: nosniff
age: 596800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41202
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:27:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:26:42 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/ Frame BF00 10 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaf79049653fecc62abee09c76d41c400f586396fb35804ccdb23d980a80154d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 01:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3876
x-xss-protection: 0
server: cafe
etag: 13168786668991128301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 01:44:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame BF00 8 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 13:02:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF00 153 KB
47 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF00 0
0 55ms
55ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssg1dpN9Zzk0TYu8p4Tn6MxE8QLeOx15uGtYdT2GwtkT2ME91NF3X5iy2PtzJU2LE0xMx_U1EMKKM-IwQQEql7WDYEifs3mzL7mFLIYr7lrdlg4Jz8B6jMIIZJipyoGUSyTJFa2taYjEqaxOhqjlRNkR_kdUGRBeRTk&sai=AMfl-YSZWJjgCyj9a3oJ1L3cb3eOpGj_NbwG2dhZdQ9q6Z1Erd5HO5sxGVlI7ag9gunfu-7yz6Jd_z1LfnJ_u6wWsN0MVOcUmDBF57TccZuQ&sig=Cg0ArKJSzCmC6XpbdXgFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.70545&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF00 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 03:40:29 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF00 0
0 54ms
54ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssg1dpN9Zzk0TYu8p4Tn6MxE8QLeOx15uGtYdT2GwtkT2ME91NF3X5iy2PtzJU2LE0xMx_U1EMKKM-IwQQEql7WDYEifs3mzL7mFLIYr7lrdlg4Jz8B6jMIIZJipyoGUSyTJFa2taYjEqaxOhqjlRNkR_kdUGRBeRTk&sai=AMfl-YSZWJjgCyj9a3oJ1L3cb3eOpGj_NbwG2dhZdQ9q6Z1Erd5HO5sxGVlI7ag9gunfu-7yz6Jd_z1LfnJ_u6wWsN0MVOcUmDBF57TccZuQ&sig=Cg0ArKJSzCmC6XpbdXgFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=21&vt=11&dtpt=20&dett=2&cstd=0&cisv=r20221207.70545&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CD05 0
0 55ms
55ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssagf0UndpzX7yUnPsJYsTHsveFdNj67vhuP_6kevrJi45Sofp49uln-QTSRZCGCozqxZRq77wwsCb78JXxaivxVML4lsSU_qnhWaZu6WW-UMal8cxK3kL86FPPWbNg0DTET7QaSTzB-VNkdqs8aAybfHe8hvuvBspH&sai=AMfl-YR2fr9bpP3z2915Fig5Ldw7BWzmPexO6JyN-LMD2lRamidcz8-r_vP6IRnDTrt3N8SpeqlN0SmI2s_tBgpFWj7O7j-Fg9c5P2nEhGEQ&sig=Cg0ArKJSzFkDiEh1JKIQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=75&vt=11&dtpt=73&dett=2&cstd=0&cisv=r20221207.87234&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BF00 7 KB
6 KB 101ms
62ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d779144c2d13e6389edd3fa43255458d476b29850623e11bab3ae6539275c22c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5719
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame DEFA 36 KB
16 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 21:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 21:00:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD05 153 KB
47 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
DATA 200
OK truncated
/ Frame CD05 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d5958251626974081d2b2f952781d6e8f2a29dee4c614ee7971f083ed656a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 277E 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 14:10:33 GMT
expires: Mon, 18 Dec 2023 14:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E9A5 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugGnISGilB1MHPtkLLeJJa2NVhHmvvd0DqXBEjrP2n_PHg4iss5ODGxqSX6-zB5BhyS1TZxqx2zMhNkkkPzn8byjyj32a2dLPZ-X9Yttvr60SOvw5AHpPhznr1pkzTeb5-ePId7w&sai=AMfl-YSg1SqfraPAIpDY_LP6wrZW4R8mw1tcbpPMMkJdNtzdc8dqh-dwJvv1NrKToMRaMQwNVVDeKV0nW8WygT2Sf5hhY13y86yJmBwsWKFMNtkH64EPH0QaJbkbksBpewCDNAQV-0aWI0QjyBTxCrdc&sig=Cg0ArKJSzKfcttKCg9xOEAE&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&id=lidar2&mcvt=1006&p=1110,436,1200,1164&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1233247979&rs=4&la=0&cr=0&vs=4&r=v&rst=1671434001137&rpt=437&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 277E 36 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 21:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 21:00:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BF00 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 07:13:22 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 18ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 19 Dec 2022 07:13:22 GMT
x-amz-request-id: XZ48AY8MC3YY614W
age: 450
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by: cache-hhn-etou8220046-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1671434003.692822,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 3
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 3472

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 102ms
19ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 2047a72677198fed393783b5f72fc9451b0304fec6beb4fa948c72347a89a0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220075-HHN
date: Mon, 19 Dec 2022 07:13:22 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame F42A 36 KB
16 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 19:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 19:24:54 GMT

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
59 B 27ms
26ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=4411&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220046-HHN
server: nginx
x-timer: S1671434003.766675,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 359ms
99ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=cdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490&uad=7f4bda5663702c386616dd479496298ac3df87f9d20911b41098e0b9776765aa
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 07:13:23 GMT
cache-control: no-store
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEFA 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B82KkEg-gY-aYGZWegAentJr4AQAAAAA4AeAEAg&bg=!CwilCEzNAAYgquz3AKo7ACkAdvg8WnzPJjanrRpk38IiCoykxui7HE9jn8qygP8n4kqU30X6sPRJ9AIAAADKUgAAAAJoAQcKAERJkbS-xZ4nc1cWzBJmALnlVMj5NfIJk9T2Q83B7g1ytY46PwOjERSkKRnTJT4p9-yy7_hzoqCMB8uvU57X3M1o0Ppe2ZkDRSW5jXsW2u54ot0r67qOXN-ShgKoYLooNwp7RvJsEPdnogoXBr2tYMhqyLKsdEvZAWj5yxJzYcDKA2jO4OJhj7YGYQtrwIOvEuXClzOxqXPC1sSQQZN5_YIpKTQTQdCKQ-7j4lqQCpJsQeoucLvx5UqrlBJ4g1JxetCk8zZffhL3YQqoqtji1GCiewfa0rKH8J_5gdeI1xOpcpqrTRDBR3W5iAPfwlnvsECOa6kzPHrM18jPtPBbJ4lKRdJq7QjfvlJL4fQbSYMggG0UITMZOXgjxd0sEUW-SpSRxBMQU3EZMXOfLTGXKuYk6az5i2XEKWfm_9Rqkdv90OIEyq_lcfRxVbM3xu-SKAtZzmdnjFn55EcnmwOV44LNirkkGeNun2avclqfqlXnMG6Wr6Dbr-nLOCqT3EdJXqu49OkSCYh6cO6iyqipy9vgxhYVfWapsO22cDqbKWDcpsZLrrl4iQ93OTwCm0OLjRZucR2QQrmvhNYayDdOBkdpuzIagUK4WzBXfsF-2FWcEqt2cxbi5WR59avSBECBo35_Bm1fGltiMOuAcmoBzUU3x-wzU0LQSIx7d-aMA5w6bdpyVmS2sGaNGYX1_wA1bZQYvEHfqZVhyze-IhjqRQFJZHSeJSYPgUdTFLxlRXTvgW2LdD2y8cTJ3VRRMnE5ouqGRYJJ0OD7e_HpD2cw7pKumrvZbWRcWS_ok6KzPeX-HaHneZVPytIEqZgrAukve08oe9yED6Oz-o41cKWM9Z5Q38ZnpVvLMC1teNCiIA5ma0eBN09oTzrg2fcvtam6JShE4DgnGyjB0QrNEH18colQU-TBg3cjv2w1kaIppQ2hwYQnb7bUcv_U7Z2CqDUtdu75c5zAUk2aKsZLpJ1-qesjNL4ovsnKN3FT1soNCqagrbyA-lrDNyfWEbYbH3I3gmbC8v-Jw_J5NHGwr4c1KC-_ONq6sAuLa8AZ2iWirUw32ZvAd9j4DCZk8nWRyaGITDz3jgeAm9g1rls1oPq0KtpyegPYzvjj5CkCLa4Lrl20zf-VaDyyfhj4HL_HBERz5MxpP7clRWnfJHCbFwEM_OOkpJvXeDpWgyz5YtRvaPr-eTHFJAadwkhzJG_gvg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 277E 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be_0MEg-gY-ihGb6D9u8Pn7KY2AQAAAAAOAHgBAI&bg=!UVKlUhbNAAYgquz3AKo7ACkAdvg8Wo8z18-xtt0BpsjPvqjlRWth6QhL-nG1FfLbIeZaCYzF6D9YEQIAAACVUgAAAAJoAQeZA2EdDJE2rmji-JsBxBfoDe1khIDLnD7OEE_jf7tKD-OF3GVj_PA8gDW6vu_tLWn2r3SVb-D9qIPLNK_BSlDXUn08hQvUrr7I2glr42bT1um_IaTELSXfJkhnd3PHPSdqHtLp7sYHi22xtAk7RrHBOQpLaxm3-6AVTbBr-NyWzeDmK9-UVAgUnm1S5S-X3vDIQyy6gZUB5P10OeB6NhuTtOjjqhnySQDqXgXKZ46k7j-Sgp9pz8AXAwqxieWR15ZL54AkWQa-oM2pHoa0ResJx7V_Q0gSvSmLx4G-51rR1QxrkJw3-lfKtDKt1LWpuWgY698v-pzmJtNVuVBghv2Vj57wtVPmHIfTKc70thjk-0uZJvdIOulnlOa3-V8U4_K_7tOQojrphxtdQ5_PeXAJxGUWWDUxmPTt_URmqmK414vJxONbHeLY5BFSQPG8zdG8MB3Eu52nUQJbJ3Yr5UCgczI7ltZeH5uIf2BqfmKm5OrcTMO5_ysyQWgT28kkcSzJjAzEKosOwoUZv82_Y7rDeeQyz9PfFgqXLwQpx_RdJ-z4PxUvsQhb0NoRpTMBoen9vG0eFPFP0PvJFVpbdtgmTejXTrUBnm-p_qw12_OLR4YLZkBeTSvrWQ7-UOzqTG78bFILUDgU6IfRPETbgxIbFYDKNUI_h_8vqyrekdyLqjGEAPIIPleA-wOBqNA-qtdLSnCVuUVVaETQ_cM1EOUUUZxeQaa0Hl2Nv-M8Ibjks0hc5_ZxHX8iIXihFxHWXN_K5iXd40Opix6k1kJAW5G4XGYcOsAqntAy9RAMRJkxe7NeSfiHd86bwoLflTIC88uXle_Dl6dRfOuYn58yrIOPVLdlS9Mnjlckj5qaQ4qeDrXdgUayL0Tu_7CMl4Q_TVp-4NDbvikjJ5jnVc8FrzETT4y2ZsyaUMq2DLsC5-1pkXxE0SdMR0jXnk0MNihOnQhYGvtv2MkACnvZq73iznaOq6kCwdvczknd8spIXUdoAnjJBC4R91RykqUmxCmDUc9H8fnBEo-ZWLgGhx3tKLzQkUGF7fBsSh9tJ5bsJtwszJwd6pJwAch97Miz7ujRDdliXqs_IHDs_malX1Z5ws3tDDWiwPg0PBiXdzsfcAKYaP-rtlTMVDmUrfsbonyvaMCZvHHx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7417 281 B
554 B 107ms
30ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 07:13:23 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7417 34 KB
10 KB 31ms
31ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c41b3683fe7bd288423a2363121b9c6230ad85cee4edbe8d9a4cd4dad3fa3d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 07:13:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Dec 2022 18:05:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39167
Connection: keep-alive
Content-Length: 10066
Expires: Mon, 19 Dec 2022 18:06:10 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7417
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENnTcsemRTAImRBuHSFU7hs&google_cver=1

0
239 B

225ms
21ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENnTcsemRTAImRBuHSFU7hs&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENnTcsemRTAImRBuHSFU7hs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7417
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0Yz1TSwMTdKfrD9Iyk-iqg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Yz1TSwMTdKfrD9Iyk-iqg

43 B
479 B

46ms
46ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Yz1TSwMTdKfrD9Iyk-iqg

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HHHDEA94XXAJNDEG9KB2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Yz1TSwMTdKfrD9Iyk-iqg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7417
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJVR05DTFktRC00NDAy

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJVR05DTFktRC00NDAy

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJVR05DTFktRC00NDAy
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7417
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/PE8oDPfuyQ6KXSXouxQ6lw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-grcnUZNE2oK6wbH_fPqe0M8lxGazNaEyQLgjNg--~A

0
239 B

21ms
20ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-grcnUZNE2oK6wbH_fPqe0M8lxGazNaEyQLgjNg--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 19 Dec 2022 07:13:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-grcnUZNE2oK6wbH_fPqe0M8lxGazNaEyQLgjNg--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7417
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBUGNCLY-D-4402

0
708 B

231ms
169ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBUGNCLY-D-4402
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:13:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CE12BA491AFA4AF0BFB97243F304EC04 Ref B: FRAEDGE1316 Ref C: 2022-12-19T07:13:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwKQ4PhkSXmZJoSlLHyw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBUGNCLY-D-4402
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7417
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGUwNGIzYTA0M2Y3NzVmNGQ1YmRmZTM2OGUzYzM2OGY4ODYzOWRiYw

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGUwNGIzYTA0M2Y3NzVmNGQ1YmRmZTM2OGUzYzM2OGY4ODYzOWRiYw

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGUwNGIzYTA0M2Y3NzVmNGQ1YmRmZTM2OGUzYzM2OGY4ODYzOWRiYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7417 70 B
264 B 46ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7417
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wGQMQNCMQA-zDCPuUc7AZQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wGQMQNCMQA-zDCPuUc7AZQ

43 B
479 B

114ms
114ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wGQMQNCMQA-zDCPuUc7AZQ

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 07:13:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8JXJGFGS5ENRV750C3YH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wGQMQNCMQA-zDCPuUc7AZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12B2 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTcH7JI9DZVuh4wBdfCFWRWKoZUTHkRXvSJxsygD3JJuF0SNeVxMZwtdMM9lAMSKw1hVywuWwYFiwNv4MLG52KvNDmjhIVHdIeMxwisJVH86su2IKOGYhC6ImRTjenCTWw6DkwgQ&sai=AMfl-YSsi39BuaEazkxSxkDFCEvj6MBuSknfE6-O5uIi1tD4LHzVoaaHnAjwuybC0vckfZ45bRlI-LOCWYkKl92qpsLUQofhhjdt9C1XrzHVgPdwj_DEP6tYBlSkDhUJXDuh4WiqXjxWHkOsXtu5zqyi&sig=Cg0ArKJSzPxlWu1jbXNeEAE&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&id=lidar2&mcvt=1001&p=578,325,1182,485&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=331161030&rs=4&la=0&cr=0&vs=4&r=v&rst=1671434001132&rpt=1278&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD05 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYmWGnq60v-KyldsJV5tyEM431uFOtbTOCP1KiawoMEnhfLj3g5Q5uedLLlIdBLpQjhhKMl7E4o1kVomny4-ND94R36QyW&sig=Cg0ArKJSzO_h_kA2sYLTEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=394609732&rs=6&la=0&cr=0&vs=4&r=v&rst=1671434001140&rpt=1400&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD05 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulETA0YQHrymhO-qlkqhP2NxuJ0Woij8EAmAebyPjKRg5YZKknY6pYde9FG6c4XDqjkaKdoZr3e_S4LDG70r_27m6Ahbr1DnqoR6qqGErFDtUV-RZfddo4oCRikRXlaOZdIW6jhg&sai=AMfl-YRYkLi-jnYp2bxh160LXy21hbNJWJ2UDStckpkBsIEUrT3kppYTfV9_00YnXpLHEXd-hWdXS-zn5vH_Mpdx5GHC75dfTCIz33geZwA5A2y2kcQJNnQOG_k--rucbMUUlP6gVyqb73nm81lr2791&sig=Cg0ArKJSzKcp_BA0KoliEAE&cid=CAQSTADq26N9HTkNrSfuK_GAPFz55ppVkv-uMY7VvA7iRDq0sEIJhIzLVHCR92WOuQo469xelnij0lEyHrA9i2pdu8AO8zw-BRNjSyFWspoYASAT&id=lidar2&mcvt=1004&p=578,975,1182,1275&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=2138197022&rs=4&la=0&cr=0&vs=4&r=v&rst=1671434001140&rpt=1396&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF00 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmsCMxYMuSEajbAZSkZ-S7xwGvR18KZ8Au_Ns6sePZw_67J8RB4TwEXcafGP1I_AmrA-l5uSBMhTVEo4_5EuqP5Attxh5p&sig=Cg0ArKJSzGVXAnKTnJJeEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=3395800992&rs=6&la=0&cr=0&vs=4&r=v&rst=1671434002346&rpt=235&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 07:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
servt.vidcrunch.com/ Frame 9B64 0
93 B 121ms
109ms Ping
text/plain 3.225.232.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.vidcrunch.com/track?d=Chrome&cou=DE&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=84135&t=1671434001&cip=217.114.218.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&test=&d64=b1b8aaba75cd9da529bc0fc3363ea2ae&d63=b1b8aaba75cd9da529bc0fc3363ea2ae&aafaid=&proto=http&uid=775e29aa44dc28f092e64d459dd2120d&cha=0.7&stagid=&stplid=&d35=&d36=6.2.68&cb=80834534415&d39=&d65=&d66=8.2.6&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-232-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 07:13:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: cdn.vidcrunch.com
URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/d6932a57bc3c672a0b73ae0d14418d3e.mp4?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d

Verdicts & Comments Add Verdict or Comment

404 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ultrasurfing.com/	1970-01-20 17:02:50	Name: _uc_referrer Value: direct
ultrasurfing.com/	1970-01-20 09:00:26	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ultrasurfing.com/	1970-01-20 17:53:14	Name: _ga Value: GA1.2.1468704805.1671434000
.ultrasurfing.com/	1970-01-20 08:18:40	Name: _gid Value: GA1.2.701649004.1671434000
.ultrasurfing.com/	1970-01-20 08:17:14	Name: _gat_gtag_UA_105623949_1 Value: 1
.prebid.a-mo.net/	1970-01-20 17:02:50	Name: __amc Value: 1_1671434000_1671434000
.rubiconproject.com/	1970-01-20 17:02:50	Name: khaos Value: LBUGNCLY-D-4402
.rubiconproject.com/	1970-01-20 17:02:50	Name: audit Value: 1\|naVuGyos1qr1jrXd6Po/9LU1ZxogGjlwOA+xFj1I9scPlNhSTbzUQzovbv5hE8ug9o4CW9FCQy2O1cY3TuAeAeBxGCOXoSK1qthgj1jQEsHc6UO785F0Pw==
ultrasurfing.com/	1970-01-20 08:17:17	Name: _lr_retry_request Value: true
ultrasurfing.com/	1970-01-20 09:00:26	Name: _lr_env_src_ats Value: false
ultrasurfing.com/	1970-01-20 17:02:50	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dcdfc1d0d-395f-47dc-9b97-c4cdb0450581-tucta999490
.getrockerbox.com/	1970-01-20 09:00:26	Name: uuid Value: rbcr-0eaee250-cec1-4b71-9294-5e1ca8afa188
.liadm.com/	1970-01-20 17:53:14	Name: lidid Value: 143eaa87-2003-42b1-865f-90630bd997b8
ultrasurfing.com/	1970-01-20 08:18:40	Name: pbjs_li_nonid Value: %5Bobject%20Object%5D
.ultrasurfing.com/	1970-01-20 17:38:50	Name: __gads Value: ID=d0e4b36da2ef0c2d:T=1671434000:S=ALNI_MarUQzpoZwzSr62fsjH6B-S89EevA
.ultrasurfing.com/	1970-01-20 17:38:50	Name: __gpi Value: UID=00000b94aaee7b69:T=1671434000:RT=1671434000:S=ALNI_MZhnA39ZLa_ctCZAg6YILDUvObDuA
.ultrasurfing.com/	1970-01-20 17:38:50	Name: cto_bundle Value: gMgkQF9wcE9VUWtoMXZWZGVZMyUyQnBtV0l1bnJOcCUyRlA2MmxKVG5VRGx3cGV4cGlUdFZSVG04TWVqWGFjdW9YckcyRDd5SmVqbXFHUWFCUnRjb2tEaDNBeTJFdE9jQlZDVEtYMjdCckhxNGJ5eCUyQlJHb1ljZGNzazlsSGx1djdZUGFIR0ttMA
.ultrasurfing.com/	1970-01-20 17:38:50	Name: cto_bidid Value: EAEceV9aV1hPWGtpOFh6dFVJc1VJdkV3aHR3cXNJZThETFc3ZUQ2VjdwU0JjMHhUb2RpNjdabzVoWCUyRnNDSyUyQkRrNFVTdmNnaVpRWG1MMjJHc243JTJCREp4ZlhZQSUzRCUzRA
m.exactag.com/	1970-01-20 10:26:50	Name: exactag_new_gk Value: 5e6d4275f7a24ac3a664d8480ebbcf0e%7c17.02.2023+07%3a13%3a21
m.exactag.com/	1970-01-20 12:36:26	Name: exactag_new_uk Value: d6b3e9da9c16416089e7b2d13ae3b27c%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: d8730423b9e141b194b522e1
.doubleclick.net/	1970-01-20 17:38:50	Name: IDE Value: AHWqTUlkFfWz_pq9UiIZzefjaGpAQSZypegANESBdKPprT6nXIbfuu72usmiMT3t
.adform.net/	1970-01-20 09:01:52	Name: C Value: 1
.spotxchange.com/	1970-01-20 08:57:33	Name: audience Value: 9ec3026d-7f6c-11ed-90a3-1d03a5b20306
.casalemedia.com/	1970-01-20 17:02:50	Name: CMID Value: Y6APEZ8I5NEX4Jma3PUcFQAA
.casalemedia.com/	1970-01-20 10:26:50	Name: CMPS Value: 5190
.casalemedia.com/	1970-01-20 10:26:50	Name: CMPRO Value: 5190
.adnxs.com/	1970-01-20 10:26:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTz>[#j.!@wnfH8K6pQK`!5=E<L5?%KekBF3i32G4#0drAd[8=_9iRKntB`_VP>Q.8%nugO%v4VB%nm*+)pMDJ
.adnxs.com/	1970-01-20 10:26:50	Name: uuid2 Value: 7011836180967100606
.adform.net/	1970-01-20 09:43:38	Name: uid Value: 3513499426726697664
.yahoo.com/	1970-01-20 17:03:11	Name: A3 Value: d=AQABBBMPoGMCEFDTbPt6P1wcjcJpYU71cNoFEgEBAQFgoWOpYwAAAAAA_eMAAA&S=AQAAAouvjGV9yeW34WscuAuBZbY
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:02:50	Name: bcookie Value: "v=2&f7145cb2-c4c1-4b64-8077-91a3a98a391a"
.linkedin.com/	1970-01-20 12:36:26	Name: li_gc Value: MTswOzE2NzE0MzQwMDM7MjswMjFdiu+BttQJ25yq3TFTp8U8j7qJSIbWklkoDsKg4hCHXQ==
.linkedin.com/	1970-01-20 08:18:40	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2895:u=1:x=1:i=1671434003:t=1671520403:v=2:sig=AQECYFKZEHgEsMaNS69VwV5dDVSJLCE-"
.amazon-adsystem.com/	1970-01-20 17:53:14	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:35	Name: ad-id Value: A9rHGSTEjEf1gEKCXLDz4h4

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://ultrasurfing.com/ Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://ultrasurfing.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 111) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=461671819&rnd=1671434000645900' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041625256&extPm=17041625256&extCr=461742653&rnd=1671434000645902' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
brightcombid.marphezis.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.taboola.com
cdn.vidcrunch.com
cds.taboola.com
clients1.google.com
cloudflare.com
cm.g.doubleclick.net
cse.google.com
d24zb9qreavi2u.cloudfront.net
dd1be03bfe40dda466ad67f2f8bfa659.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
increaserev.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
m.exactag.com
match.adsrvr.org
metrics.getrockerbox.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
px.ads.linkedin.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serv.vidcrunch.com
servt.vidcrunch.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
tag.1rx.io
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track1.avplayer.com
trc.taboola.com
ultrasurfing.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
api.rlcdn.com
cdn.vidcrunch.com
prebid.adnxs.com
104.96.128.226
104.96.145.246
13.224.195.78
13.225.78.39
13.32.10.16
141.226.224.32
141.226.228.48
142.250.185.130
142.250.185.166
142.250.186.34
147.75.85.234
15.197.193.217
151.101.1.44
151.101.129.44
151.101.65.44
162.19.138.116
162.19.138.119
172.64.175.31
178.250.0.157
18.156.195.47
18.157.51.177
18.66.23.213
185.80.39.216
185.89.211.84
185.94.180.126
192.241.157.60
2001:41d0:701:1000::31d2
209.54.182.161
213.19.147.42
213.202.235.8
216.52.2.19
23.206.210.112
23.35.229.56
2600:1901:0:8344::
2600:1f18:612b:4216:6d9d:8df5:c2a2:f7d8
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:20::681a:17e
2606:4700:20::681a:a19
2606:4700::6810:85e5
2606:4700:e6::ac40:c416
2620:1ec:21::14
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:809::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:831::2002
2a00:1450:400d:803::2008
2a00:1450:400d:803::200e
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2004
2a00:1450:4025:401::9c
2a02:2638::1c
2a02:26f0:3500:1c::1724:a36c
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:d::1732:83c8
2a04:4e42::300
2a05:d018:d29:3605:4011:5737:3af2:29df
2a0c:5c81:5142::2
3.124.138.149
3.225.232.73
3.232.42.112
3.65.162.40
34.107.148.139
34.149.12.213
34.242.189.52
37.157.4.25
37.157.5.72
51.89.9.251
52.204.6.175
52.214.61.187
52.94.223.167
54.197.177.246
54.203.48.28
54.84.206.23
65.9.86.43
69.173.144.138
69.173.144.165
8.249.61.243
99.86.240.21
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00524cc9e6083a7551badbb73aa5a03994633822c964f3a0a4ccab6dee722140
02c58439c05f42c5f4f4ee2446a0aea1c3562e60cda1d3bf0992ee34611a0cde
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
05eefc92f1847ad4d18c94c7286884a8cd781fbfb82f13ca3cc19fa2b75a60e6
06713c81ab791cac2e344e6aebbe3983af163a0ac6b1d8917d329b72aa402f1f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
084edbd70a5834701562e829b7931566dc90ba3b7c2fa1676d74339385197dde
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1299b71a8d3846c6c63a354fdfa16c0389c2b94eea2a2d46d71329a124c7ef
0f035e6b8ab29bc58f9f03a6c48d11726f4e32d977791e67b9888ee31ea48cf5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
2047a72677198fed393783b5f72fc9451b0304fec6beb4fa948c72347a89a0e4
207f42d225e15da39f5027b79fe873f8826cae2b5f252f1d93269567e02380bd
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22f04b0177cbb9f714773bda5d775e3d75bb4b8d9f339b5d7ef99e492f8cebd8
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
28e530a17d146e0b28568569a6cfebbbd14d29b082dba71518117ecbbf1620fe
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2b11b4f293c4988bd58896f97a7f0c6a3308fb2206e03517f21c3974850399e4
2e5ddd4fc367f447bd6e9b76b884cec4f132b57bab7fd2a986af75029536f6f9
30499f108a4ccc142603f89844eb3c740fe6c3ac89852d2f8c18116a39c374fc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319183a3ae89fb791539320989754203459c94bf3babde961f06d983d140109a
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39c5f4caa1f2373533b0175a1a350c4a6e4ccb14918f40b7b66b7a82a38c6169
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a5a7120762e7fe09e34def07faebd5cd18e76480bd57f249271b6ee33384a6f
3ad1cc9edb5ac452a2d1cb8c559c0c1c18e4d695211177add920a0b3c157ee04
3d09f79c5a2899a350481f8ba13c0a8a6e4b16553ca7a834fa5d180b29255ab6
3e6222b2afc92709b8b6b4dae5365f09019bdde51414ba7d4b2b61d4b877056a
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f920c839bfc683424ada755a951e837a34c5342e7e8c144ae0d6fd16b89dc38
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe413ca426b9d7dc82c590310da4b36dda0c9bb657840b076ea2a38f169b8b3
41bef8c741ba30781437f1e76668efc9f65a76ed5370cc06306daf3206f1d6f1
42828709ad91aa444517749cdd56dc665ef9419a859d7b40fbb1505ec76338ae
4317da5f11d2577417abdd427e3dcac6141e374a76135057998f29fd26a62def
43a7d4372f1bb14b09f74270900b28cd66dc47063972792815a415f14b2208da
44599779d5041ac8bb0c1c6bcbbbf575ae8b605b7e1a2c12f530df394d127ba0
454332f68d1cf8857bffca880a4524c0dea98499eee0be1262dc34923d4f5c96
4565a34b0fba23d7b5b6a6471db6b633624f13f40723acda33cc310d1f4e3515
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
4abc9e520ffd17bffe460e8ffffd3b91d9dc009f9d96b23ae82808276e6c3055
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cba99b67be4f1ca2fee50b1ccbad96f5abd3bb8f8d3518a6616b3fe0bff4bfa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5467222e311c26f6bd8fb4d61f961024c95b3acf6e5faa915e647b16bad7a6b2
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a07bc34f854a981a73db288468398c3c44c1bb5041785b2b6693123af69603
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579da1174698df33234e147b1929993cd4a8fc9a02e4fc967494d69add5c73ad
5862fbb6164ba889590b746bf055af4360239d7fc33ec8f33df04f848e19ccb3
5875e49a2696039a2ea407e4e0febb942e0f73bd973698d7ae2980f22f23c0b2
58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420
5a03bc6f8a4016dbc7a0ae2347008521083839f5076118ac7789fc3cd9071458
5d162f1a957634c9f376091ae016a94b3bb7e9b11830eafef203201156289f39
5de08af4f8821721309f755d78dca77375967d979c179560f02824ab1f86bd96
5e0a21250317405f5c346190a17c3f72e4f443c243261ce20916a185ccbc802e
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
61c30efa230bc7bf152b7de51852c2b6160211958fbe60c11a96d4f08a53a9a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eca8bda9d0ae48b996ae9548565ab232944efdfb978e145b03f00ad47ec5b4
6560e554062abbad56bfeb5dfa0098fb6bf9e8984b03d7dff3b20fd61ed42328
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66997dfd6ae8dd4896d276d5e1c52aaa4e5f5b32da8fc8c2b7bdc87825932dd1
6921c4ba179bc7669521b1ce2ea9be93fcce81a5de388da7e906ff6722417a2b
6a41904ddfd80ace34af964d3bdbd5f8faf983595d84738cec1f52d38e472240
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6d976dcc0412d5aa62061b3571cc12e3d7376b29b312a5752394fe5a6f362431
735958e162947ba5a865bf5e44c430ef29c9798a4bbbffc06916547fccaa44d4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748c153677ecd51df2c67c7afd1dc77f653f8d152c6921d6024129815ab1a736
77a3118e57ab6b4382b1e4c55e35a2e2773dea5cacafe1f7e293c50491941444
795cd1dfb0df85235d312a69a57b5a67400e894f228f0921299f90b3fb602cc6
79801a24d4746d53d0e58f264677ff713613387384a5ab819be07d5fefb66060
7bec560230f3eb8f86c519e45c22247e6594345c603220b44fa8f347a9d5c288
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8
822f3a0a006de5333f65d8b8a6182a657ea94f181049e2a424e63bc81da90346
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c7880200a6170e38ac1d70d1c28159b3f4225f8ea7f26015b611baf28c5a68
86f13151e0e7358db45cd21e0418c586699343c229a9075fc3a3a9c0d73f3562
875785701559e4d348ac8de0a88b94a5d3144023db70c394754379d2b6ce5c71
88e93d5a10c5ebe9b3637d612334bd0bcafc87f9b24d3aa8554102b3b22a5029
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8c6e72ee524a5beb9bf4c616f50d29b0d69b4bd6d4161dd2d531961c61705ca5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec3b964d881cbdf58b1e9cd694b23050509b39f46362b089252ef75974084d1
962e14591b1134c488280aa7935148272b1c8efbd0fc00c31146138b4b42d226
96d67845b593fd604b34f4be423cbdab04c16619bb7815116034e8aa304bc9f1
98c5e7cae59700bfc0add315c16633ba5fdfb36db65ba1b5e749e5d215bd3d84
9c5cb954bbe1bc04c749673e114cb5ecba03633a51df5a0b0d9e3d6d458dc36b
9ce7f01c6708187f992e2a407454418e33e967cef13328b3ec95453ba3616190
9d5958251626974081d2b2f952781d6e8f2a29dee4c614ee7971f083ed656a3d
9d771e8e3fac85b1113de6212248832838a6a24e6d3bde88342c7794e87b552b
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9f7a1fe2c0f70923cc34209e1cb8ab7aa4360d7ec803d3fc253448fab8f23833
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2dc805d6b646bed8143003a293b2dfe9790f7a840b90c270465db84b421012a
a3f6995da1355f918b6b6b1801d4df9aca02bdb7f3f20c088812e2ca2fc1d1cf
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f769238d73000947a7fe79555c49e6dfc4198bf591d80c69c7a38229189a7e
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a901df1020e7a65047dde44291f9622bd38a58526996f25da8fe250c09c603bd
a906aa21f5269921b2c943fe3aae8df0fdf84d28732be908ac2f60a1073f59e1
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aaf79049653fecc62abee09c76d41c400f586396fb35804ccdb23d980a80154d
add01009c904d80d9f68ac292af83fb6bb916d1b959361c7d79d3ed49e0c1a15
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
aee6ddb41d43502414b750d682c6c02cfb5ced519af4d9d3aa5bce26b38563dd
af2d3947f37c2b8aada4814d0e45f8c45e283a8adfebf1223830592013aea863
b134f7ed2c5f409713923b4bd37199d4ee095fc443b2e5d743fe446a5dd426d6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b2bea2da9803c4ecc5861d210f88a8550399fa316e9a1d2e3e89c7319f5bbbfc
b2c3b50384ff1a95beebe2d3b89159a6110e878601b4fd40e5997d955738bb58
b2f58833b414d4cc749ec94e99fc8ac510b5477b8a75272890495d8bb298c335
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8f54297c2fade04f9b0dc822f8ae855ec65c01af3338aa81440fc3009649d86
b96a281629dda172e65bc95d10d589a71b4b45edf4ee68a6d326789c9f66ab9d
b9e81862b36a6c69c4eb33e1c1526c44060c3d98f94fcf57801b8accdbcc1f71
bb87e2c2a57188499ac992caee776f502cce8b8aad8c0bcbc4a3904acdfa7dcf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c3ccd5e5b287ba30252aaebc8baca76dc649a9e85f78564d3c429c3e6fcdefbd
c4005c2edf3f933d063b1625d3ede75d192bcc7e48cea7e03c2b96889fcb9790
c41b3683fe7bd288423a2363121b9c6230ad85cee4edbe8d9a4cd4dad3fa3d64
c4cc3c4828ca3466dd9ae6fc32714aa6dc832c16205e709d78ff886275c39329
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c596fa787f2eabb2061dc735587d858f919eb5aaec931e7894bf2791f51fd6f6
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd7602e043c991f94e5c5099af5b06b6b43e3923d09eb7c1925abcd594b565e5
ce14097b9e9c1ed98d053e09b70f83c22f28009356983d794ef56953917f6b32
cffd514a2f59cde448b11062c9fd634c50f37c188c0fe3cd26cbcd3b17737a9d
d056ef019edb16f9596646f1a8e0461b8dd0aa30d985fb5aa2e199290738ab44
d083967126ab505435dc2d296e5887257c0b0025dd318f16e27f94c9d9df82bd
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2f9dc29988b271893a22c1811c7ed2d11187bb817da30bc3d4c17b6994340e8
d4e2e9725ee16e81d98fb5ce1d7ca65f0abdb0255c709f0bb1beedb0e5df4dc4
d779144c2d13e6389edd3fa43255458d476b29850623e11bab3ae6539275c22c
d8819fcb5f78faa81162daaee8ac5935a476a0cd31e813d3223e713d28c58184
da1313699b5c21e0a865ccf02055c0a4327466cc819b603e5dff462580e5adad
da22029c23fe8666c2d3dc11f00344a038e741fd1ddfa906a2755db771d3d851
da3eb7670eaa8f33cbec5f35ef157ae63ddaeaf3b839a6d453b074567a972f26
dad9d8fec3272bfb8994109eec477795f9a07213a00d8a9a97eb08899f48d7e0
db4e259a48d171f7453fe13cac5a805f065c2b20e831d7cf86103946a45bbedb
dbff17eb889b51f45293cb3e94069f56218584c0131539055e5936e767a1fae4
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def65c5fd83e290458becd986458953ebfe27d7f3ec043dde43100266a54432f
e2e407adcd1f1f76232a2feab4dd7f8cfab656a21e923ddeb41c3ed667faa725
e31328c801145f1256778edbb81c2b001364553db85e415063412361841bd5b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9dfc68f6695399d2675bac7930985e3099d615566604e436a04432a8bcc3a
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e771fe0efd610e3869ea147051282b930b54e15a514d4a1e1dfeef70bf4e5635
e9c97d4dc68be6bd48f1914ca8addb3e93afc70fe76211c02560e2290b21191b
ebc79e5877bd8127a0806fde493b4a497df2527dc8ca1a0ce736f8e734427f89
ec6eca152d15768c9e87aad98c72ef58a3eb4d49600211eb3dbf896b6f04636d
ed506f28b948404fd00cc46987169d3874d5ea18e3836b669e5aabb5186812c0
edd9def57a86d388ae9b9e3277eb2715333c017eed3f095f6f0b6479957289f8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0776003f14963d1bebc73e37aba46309e844ce9c2f3cd650a15162029849ae8
f0ccb364748f2329b7efcf49212cdf5814ea3c0766d857e9596d11a67011c0db
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1015286a98a864590d2dd5eeec4e9a9da904ed79010efc53da26ac9d5ad78e8
f3331b9f341e2f184f81f001e322854bbb963d246a70a26e6cf7a865c001ae77
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9
f94b99e126b3c8acd070cc337dfa76d8f836bf5d0b8e9a36ebf6a182ea9fd481
fcad94dc5217edbe940f0e33215ac715a9675a2bfbed59e9804047791eb8f864
fd1addbea7b928df6ef2824e349a10b63f470d018d761d6ba5d9c2550e3d1762
ff189758d75309cf2ae680742df627ea16c4417d9565412a97f4e3d4753d9dd6
ff2b75689833cf1ff562eb7d7b84884f83e00f49a7e04d25f7fd5b051459c828

ultrasurfing.com Open in urlscan Pro 2606:4700:e6::ac40:c416 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

332 Requests

83 %HTTPS

40 %IPv6

53 Domains

97 Subdomains

87 IPs

9 Countries

10123 kBTransfer

15811 kBSize

37 Cookies

52 Outgoing links

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ultrasurfing.com Open in urlscan Pro
2606:4700:e6::ac40:c416 Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

83 %
HTTPS

40 %
IPv6

53
Domains

97
Subdomains

87
IPs

9
Countries

10123 kB
Transfer

15811 kB
Size

37
Cookies

332 HTTP transactions
14 data transactions