ultrasurfing.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ultrasurfing.com/
Effective URL:
https://ultrasurfing.com/
Submission: On April 02 via manual (April 2nd 2024, 5:45:27 pm UTC) from PL — Scanned from NL

Summary HTTP 359 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 78 IPs in 12 countries across 49 domains to perform 359 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 412932.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.

This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	152.199.21.70 152.199.21.70	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
20	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:6000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
13	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
2	34.248.72.127 34.248.72.127	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	13.35.57.188 13.35.57.188	16509 (AMAZON-02) (AMAZON-02)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
70	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:24e... 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
10	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:911d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	133.186.12.49 133.186.12.49	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
8	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
6	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
2	2a02:26f0:350... 2a02:26f0:3500:2b::17cf:d25a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a02:26f0:350... 2a02:26f0:3500:f96::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:350... 2a02:26f0:3500:2b::17cf:d25d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	96.46.186.186 96.46.186.186	7979 (SERVERS-COM) (SERVERS-COM)
2	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
1	173.0.146.6 173.0.146.6	7979 (SERVERS-COM) (SERVERS-COM)
4	2.21.20.132 2.21.20.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1	52.19.185.1 52.19.185.1	16509 (AMAZON-02) (AMAZON-02)
1	138.197.53.255 138.197.53.255	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
3	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
2	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
2 3	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
2	34.237.162.144 34.237.162.144	14618 (AMAZON-AES) (AMAZON-AES)
4	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.54.14.52 52.54.14.52	14618 (AMAZON-AES) (AMAZON-AES)
1	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:8... 2600:1901:0:8a8e::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	67.205.186.47 67.205.186.47	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
3 3	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.155.211.205 54.155.211.205	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
359	78

13 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ultrasurfing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 152.199.21.70 (United States)

ASN15133 (EDGECAST, US)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
keymap.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.72.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-72-127.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.57.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-57-188.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magazine-api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.12.49 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p049.net133186012.broadline.ne.jp

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

sghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:2b::17cf:d25a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:f96::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:2b::17cf:d25d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.46.186.186 (United States)

ASN7979 (SERVERS-COM, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.0.146.6 (United States)

ASN7979 (SERVERS-COM, US)

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.20.132 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-132.deploy.static.akamaitechnologies.com

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.36.83.245 (Barbera Del Valles, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.185.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-185-1.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.53.255 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebid.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.162.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-162-144.compute-1.amazonaws.com

reachms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.14.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-14-52.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

taboola-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8a8e:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

http-intake.logs.us5.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.205.186.47 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sync.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.246 (Barbera Del Valles, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.149.91 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.211.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-211-205.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 996 trc.taboola.com — Cisco Umbrella Rank: 704 vidstat.taboola.com — Cisco Umbrella Rank: 3327 am-trc-events.taboola.com — Cisco Umbrella Rank: 14840 trc-events.taboola.com — Cisco Umbrella Rank: 2340 images.taboola.com — Cisco Umbrella Rank: 1700 imprammp.taboola.com — Cisco Umbrella Rank: 17270 am-match.taboola.com — Cisco Umbrella Rank: 18102 am-vid-events.taboola.com — Cisco Umbrella Rank: 16815 magazine-api.taboola.com — Cisco Umbrella Rank: 79977 pips.taboola.com — Cisco Umbrella Rank: 1744 cds.taboola.com — Cisco Umbrella Rank: 1930 wf.taboola.com — Cisco Umbrella Rank: 3421	2 MB
51	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 20198 e3.adpushup.com — Cisco Umbrella Rank: 23723 keymap.adpushup.com — Cisco Umbrella Rank: 65755 video.adpushup.com — Cisco Umbrella Rank: 79410	3 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 162 ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com	408 KB
16	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653 region1.analytics.google.com — Cisco Umbrella Rank: 2655	127 KB
14	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 67733 sghb.aplhb.adipolo.com — Cisco Umbrella Rank: 62337	283 KB
13	ultrasurfing.com ultrasurfing.com — Cisco Umbrella Rank: 412932	56 KB
11	aniview.com player.aniview.com — Cisco Umbrella Rank: 2380 tg1.aniview.com — Cisco Umbrella Rank: 11149 track1.aniview.com — Cisco Umbrella Rank: 2718 go1.aniview.com — Cisco Umbrella Rank: 5483	329 KB
11	criteo.com gum.criteo.com — Cisco Umbrella Rank: 469 bidder.criteo.com — Cisco Umbrella Rank: 692	2 KB
10	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 637 aax.amazon-adsystem.com — Cisco Umbrella Rank: 404	86 KB
10	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	502 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 2042	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	501 KB
5	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 756 eus.rubiconproject.com — Cisco Umbrella Rank: 584 pixel.rubiconproject.com — Cisco Umbrella Rank: 371	2 KB
5	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1131 bcp.crwdcntrl.net — Cisco Umbrella Rank: 953 sync.crwdcntrl.net — Cisco Umbrella Rank: 857	80 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 466	2 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 686	125 KB
4	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 635 taboola-d.openx.net — Cisco Umbrella Rank: 6215	610 B
4	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 840	467 B
4	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 16098 a-prebid.vidoomy.com — Cisco Umbrella Rank: 18835 a.vidoomy.com — Cisco Umbrella Rank: 2906	2 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 697	825 B
4	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10340 http-intake.logs.us5.datadoghq.com — Cisco Umbrella Rank: 34565	249 B
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1184	106 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 365	2 KB
3	bfmio.com reachms.bfmio.com — Cisco Umbrella Rank: 8915 sync.bfmio.com — Cisco Umbrella Rank: 1593	604 B
3	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 15804	208 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 504	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 675	1 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 961	551 B
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 591	914 B
2	cootlogix.com prebid.cootlogix.com — Cisco Umbrella Rank: 5625 sync.cootlogix.com — Cisco Umbrella Rank: 3110	675 B
2	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7322	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 295	58 KB
2	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 76393	5 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 491	135 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1357 pixel.quantserve.com — Cisco Umbrella Rank: 1140	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 744	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 33066	12 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1153	474 B
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1641	566 B
1	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1645	341 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 255	1 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 715	369 B
1	genieessp.com js.genieessp.com — Cisco Umbrella Rank: 48790	159 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 313	17 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 9354	408 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	2 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2554	463 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1364	634 B
359	49

	Domain	Requested by
50	images.taboola.com
29	pagead2.googlesyndication.com	securepubads.g.doubleclick.net imasdk.googleapis.com ultrasurfing.com pagead2.googlesyndication.com
25	video.adpushup.com	cdn.adpushup.com
20	e3.adpushup.com	ultrasurfing.com
15	fundingchoicesmessages.google.com	cdn.adpushup.com securepubads.g.doubleclick.net
13	ultrasurfing.com	ultrasurfing.com
11	cdn.taboola.com	ultrasurfing.com cdn.taboola.com
8	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
7	gum.criteo.com	cdn.taboola.com static.criteo.net player.aplhb.adipolo.com
7	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net imasdk.googleapis.com jscdn.greeter.me
6	player.aniview.com	vidstat.taboola.com player.avplayer.com player.aniview.com
6	sghb.aplhb.adipolo.com	player.aplhb.adipolo.com
6	am-trc-events.taboola.com	cdn.taboola.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagmanager.com	ultrasurfing.com cdn.adpushup.com www.googletagmanager.com
5	cdn.adpushup.com	ultrasurfing.com cdn.adpushup.com
4	id5-sync.com	player.aplhb.adipolo.com
4	static.criteo.net	player.aplhb.adipolo.com static.criteo.net
4	targeting.unrulymedia.com	player.aniview.com
4	magazine-api.taboola.com
4	onetag-sys.com	player.aplhb.adipolo.com
4	bidder.criteo.com	player.aplhb.adipolo.com
4	trc.taboola.com	cdn.taboola.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	secure.cdn.fastclick.net	ultrasurfing.com secure.cdn.fastclick.net
4	c.amazon-adsystem.com	cdn.adpushup.com c.amazon-adsystem.com
3	x.bidswitch.net	3 redirects
3	rtb.openx.net	2 redirects player.aniview.com
3	prebid-server.rubiconproject.com	cdn.adpushup.com player.aniview.com
3	track1.aniview.com	player.aniview.com
3	player.avplayer.com	tg1.aniview.com player.avplayer.com
3	http-intake.logs.datadoghq.com	cdn.adpushup.com
3	b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	cdn.adpushup.com www.google-analytics.com ultrasurfing.com
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	a.vidoomy.com
2	cm.g.doubleclick.net	2 redirects
2	lb.eu-1-id5-sync.com	player.aplhb.adipolo.com
2	reachms.bfmio.com	player.aniview.com
2	ads.stickyadstv.com	player.aniview.com
2	player.adtelligent.com	player.aplhb.adipolo.com
2	am-vid-events.taboola.com
2	www.googletagservices.com	jscdn.greeter.me
2	jscdn.greeter.me	securepubads.g.doubleclick.net
2	imasdk.googleapis.com	cdn.adpushup.com imasdk.googleapis.com
2	www.youtube.com	cdn.adpushup.com www.youtube.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	tags.crwdcntrl.net	ultrasurfing.com
2	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	ultrasurfing.com
1	cm.adform.net
1	sync.crwdcntrl.net	1 redirects
1	a-prebid.vidoomy.com
1	pixel.rubiconproject.com
1	sync.cootlogix.com
1	http-intake.logs.us5.datadoghq.com	cdn.adpushup.com
1	taboola-d.openx.net	player.aniview.com
1	eus.rubiconproject.com	player.aniview.com
1	sync.bfmio.com	player.aniview.com
1	wf.taboola.com	player.aniview.com
1	prg.smartadserver.com	player.aniview.com
1	id.hadron.ad.gt	player.aniview.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	ib.adnxs.com	cdn.adpushup.com
1	prebid.cootlogix.com	cdn.adpushup.com
1	ap.lijit.com	cdn.adpushup.com
1	d.vidoomy.com	cdn.adpushup.com
1	go1.aniview.com	player.aniview.com
1	eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tg1.aniview.com	player.aniview.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	js.genieessp.com	securepubads.g.doubleclick.net
1	trc-events.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.google.nl
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.jsdelivr.net	cdn.adpushup.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	pixel.quantserve.com	ultrasurfing.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	cdn.adpushup.com
1	keymap.adpushup.com	cdn.adpushup.com
359	90

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
chrome.google.com
ultrasurf.us
www.verisure.nl
popup.taboola.com
0zl9z6.tclfplxhhh.com
zelesta.nl
easyshoppeonline.com
bestealarmsystemen.nl
track.infinitemonkeytech.com
2f7w2d.tclfplxhhh.com
search.vyager.com
app.goldentree.nl
images.slga.nl
search.nl.kiwi-leaks.com
hww997.tclfplxhhh.com
isolatie-offertes.nl
redirect.trackerado.com
crafthub.nl
click.coolfix.com
dailyredirect.com
tipstoday.org
tr.bestgadgetdiscounts.com
zonnepaneelofferte.nl
kunststof-kozijnen-offerte.nl
www.planethealth.nl

Subject Issuer	Validity	Valid
ultrasurfing.com GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
*.adpushup.com GeoTrust TLS RSA CA G1	`2023-08-11` - `2024-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google.nl GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-16` - `2025-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
greeter.me E1	`2024-03-11` - `2024-06-09`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-16` - `2024-11-26`	a year	crt.sh
player.aplhb.adipolo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
sghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-10-15`	a year	crt.sh
player.adtelligent.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.avplayer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-15`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.cootlogix.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-19` - `2024-11-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
id.hadron.ad.gt E1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-14`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.logs.us5.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-06` - `2024-11-08`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://ultrasurfing.com/
Frame ID: D34F154209869729A3007ECFB60DD7B2
Requests: 268 HTTP requests in this frame

Frame: https://b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A2B3BF3FA69AE8EC93CB65D15902ADE
Requests: 1 HTTP requests in this frame

Frame: https://b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34A51D33A67932C02A96B378A9142B4F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52CBED5DE5035D77C401930F68BF9E0A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.631.0_en.html
Frame ID: 6869D3495BB0F2633583035055BB2918
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D6D826C7AFE98104B0A6327936190E99
Requests: 1 HTTP requests in this frame

Frame: https://b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F90FBDD33AC9E087A0630661957808E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvvB6Rpd37DLmi9QAg8ksiWU5GPwqqCtlpmYXDzkYwJ-uOq3HWweRJPxC93O5xVFRuK_Sm1FAGPkOgxZDtMuRnRBV1jcfV8RK5sDkfBpxlNE9APwDOzofePQXYG8ERrWz7CghPRp_hAq9sFxky7EcgqOBe42IDCUyF0svGrXziJwxMV1IsdLhuZYfaXEhJdNYZ6IV-jX63CHlK3A1qGJgfOr6l8a0waRSWVkP3Xyc9lPcuzaXPzy_Rw-C2mdjGDJxkinD8Q0lsgLQZTAtjkg_6u52vWU0ZciKT15aE9vPLFXBwoViF6iX-jh4GZaPQhQHtsY9V8nYCIqIA_pRyjgUw-mawyYUJIeysfna-Rc-6ZYGOzPoLTQD9sDN7kfxyUPe0&sig=Cg0ArKJSzDqpAFWUGMfWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 59678AEEBC1A6FDE8BEC162B19B73AA6
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvxE5nKU4PNv9Vn3Xd4MntAjV2mJGzxzc-Nr69_gHp1OKsjePckxuQ8787inIfSnAFRCl_3U1b6ou3B-4FNHmOZPndMS8NOTgtdAeIo6qkX3aXa1mJ5Ywx9a_glfVUP9sCRT1sicE_-k7Y-vssxS_x3Mz98Lh9Zti7u74yhsrFfe9hRYFNOsAOTAmaePTGIDwOhT-8hgxsSHZmCpAOHeprug2fAwouk3e379lJLZBMvBw1z0-fbRnao92z4kHtcs_3EvDrJw1yIS_pKx1PSHmj1SE_cXh-UNimVhxvuyrllNaR7cIBVOj45qnJCCVmaPtcN4Hf84f8BtTb8XTVD1pKxIT4Nej-22D1sxVyXbTrPydhcPkUlRYzZoFuS7CEG4CM&sig=Cg0ArKJSzEFDsGPytBolEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6A6EC1810E9F696566E3B3001E235120
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvkni6lI26Ymw1qhBd0j80zZNY-msx6uQssG8NyxATou3YsFTAO7JnNdMy_Dv2Raeyp47cwazQJm0ZPkK5Fxaya1JaOu0KThqiOpoTq_SOpxewF0GDTGxI320YRKAD-njLxHSP_gC-9c6a4khth2_9AuxZciEg4T2860oSAr8eZxhoLw-UTqRJZ7OI1IgUsShklz-wqQppSOsl0tpI45OjdaPKqD7riz8-yPMH_StkKri-nCgPSc8t1c_NPhP3rAUZacAlwRKeofK882iQnZdbIM72qqV4Z7J6hQRlUDVEjMTDCaYBGZu4RndBr2yLUOyj_RAF4Kr8UBHA0-6JIr9F_H9PrggFOqtVjjLEBySGIjsI-OtP8I39mNcWvoS2DuXE&sig=Cg0ArKJSzHn5AUYAUA95EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0B5B54A8359BDED1F330FB37897353BF
Requests: 8 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&cmcv=&pix=undefined&cb=1712079921149&uv=3391&tms=1712079921149&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!aniviewInteg2-in_vA!aniviewInteg2_vA!mprdct01val_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9209a353-922b-46eb-9bda-745b491252c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: BAD9344C640CD672D2F4F393C8929295
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: BCA12C4EA5AEB71F8AACE369A41276F0
Requests: 1 HTTP requests in this frame

Frame: https://ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F8ABC3CE5F0C3AB2CCE127A434E7C69F
Requests: 1 HTTP requests in this frame

Frame: https://eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7C33606793D472EA3E0838B2BC14DA85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3A8ED483326F50692F6E7DE9A2EBB96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CDD7F37AEEAEFB35F783F77AC575ACE
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Frame ID: 5D432BA1DFAFDD12B3E627AA73E01FE2
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com
Frame ID: 4A3EF921D9158A6BBD1FB9E5EAB9236D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com
Frame ID: F26D29F8B456BABEC9BA215348108A5E
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=49ea09a8-ef1c-4837-ee48-208a4a2f098b&gdpr=0&gc=&gce=1&us_privacy=&gpp=&gpp_sid=
Frame ID: A2F2288CE67CFBD0781A94ECE04B0E94
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: ABFA9853BEF323BA3A48699C510575D8
Requests: 1 HTTP requests in this frame

Frame: https://taboola-d.openx.net/w/1.0/pd
Frame ID: C55E953488E81A5DF2F0D0F292192E38
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712079921326
Frame ID: 69BFDEE9C41ABB5088F60BEED585E733
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712079921325
Frame ID: 86E8977D23960D31B2A6C93C7EC7427E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ultrasurfing.com/

Page URL History Show full URLs

http://ultrasurfing.com/ HTTP 307
https://ultrasurfing.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

359
Requests

96 %
HTTPS

34 %
IPv6

49
Domains

90
Subdomains

78
IPs

12
Countries

8061 kB
Transfer

21805 kB
Size

40
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/ultrasurf-vpn/id1563051300
Title: Ultrasurf iOS VPN

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.ultrasurf.mobile.ultrasurf
Title: Ultrasurf Android VPN

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/ultrasurf-security-privac/mjnbclmflcpookeapghfhapeffmpodij
Title: Ultrasurf Chrome Extenstion

Search URL Search Domain Scan URL

URL: https://ultrasurf.us/download/usf.exe
Title: Ultrasurf Windows Client

Search URL Search Domain Scan URL

URL: https://www.verisure.nl/lp/calculator-nl/
Title: Verisure®

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://0zl9z6.tclfplxhhh.com/
Title: Traplift

Search URL Search Domain Scan URL

URL: https://zelesta.nl/collections/royalbed
Title: Zelesta

Search URL Search Domain Scan URL

URL: https://easyshoppeonline.com/search/top5/
Title: Easyshop | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://bestealarmsystemen.nl/article
Title: Beste Alarm Systemen

Search URL Search Domain Scan URL

URL: https://track.infinitemonkeytech.com/bfb15f0a-62cb-4d87-a9f2-3c157e6c65d6
Title: gezondheidsvergelijking.com

Search URL Search Domain Scan URL

URL: https://2f7w2d.tclfplxhhh.com/
Title: Badkamer verbouwing

Search URL Search Domain Scan URL

URL: https://search.vyager.com/
Title: Cruises | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://app.goldentree.nl/abt/lc-p13-obt
Title: goldentree.nl

Search URL Search Domain Scan URL

URL: https://images.slga.nl/aff_c
Title: Landelijk Energieloket

Search URL Search Domain Scan URL

URL: https://search.nl.kiwi-leaks.com/um/kiwi-nl-220
Title: Dieren Wereld

Search URL Search Domain Scan URL

URL: https://hww997.tclfplxhhh.com/
Title: Autoverzekering | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://isolatie-offertes.nl/experts-premie-isolatie
Title: Isolatie Experts

Search URL Search Domain Scan URL

URL: https://redirect.trackerado.com/cf/r/65d5e6d4fb411d00174356dc
Title: Subaru Crosstrek

Search URL Search Domain Scan URL

URL: https://crafthub.nl/collections/houten-legpuzzels
Title: Craft Hub

Search URL Search Domain Scan URL

URL: https://click.coolfix.com/32d15bc0-5c35-4239-adbd-f059c6ba59b8
Title: HearClear Pro

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Thumbnails%20|%20Card%2013:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://dailyredirect.com/
Title: Traplift voor senioren | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://tipstoday.org/promo.php
Title: Commerciële kredietverlening | Research Links"

Search URL Search Domain Scan URL

URL: https://tr.bestgadgetdiscounts.com/
Title: Best Gadget Discounts

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbnails-1x3:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://zonnepaneelofferte.nl/bespaar
Title: Zonnepaneel Experts

Search URL Search Domain Scan URL

URL: https://kunststof-kozijnen-offerte.nl/bespaar
Title: Kozijnen Experts

Search URL Search Domain Scan URL

URL: https://www.planethealth.nl/kind-gezondheid/voorf-of-achterlopen-bestaat-niet/
Title: Planet Health

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ultrasurfing.com/ HTTP 307
https://ultrasurfing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 370

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=20dd24da-1317-41fe-bf94-acb780af2caf

Request Chain 371

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=995c6936-488e-4bf5-95ac-67c3189ed2aa&google_hm=OTk1YzY5MzYtNDg4ZS00YmY1LTk1YWMtNjdjMzE4OWVkMmFh&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=995c6936-488e-4bf5-95ac-67c3189ed2aa&google_hm=OTk1YzY5MzYtNDg4ZS00YmY1LTk1YWMtNjdjMzE4OWVkMmFh&gdpr_consent=&gdpr=0&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAf38RfJdOqvWVDrE2G9rck&google_cver=1&ssp=vidoomy&bsw_param=995c6936-488e-4bf5-95ac-67c3189ed2aa&gdpr_consent=&gdpr=0 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=995c6936-488e-4bf5-95ac-67c3189ed2aa

Request Chain 372

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dfaf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253Dfaf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Dfaf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Dfaf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553

359 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ultrasurfing.com/
Redirect Chain

http://ultrasurfing.com/
https://ultrasurfing.com/

11 KB
4 KB

230ms
182ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0739a8b185be75f76121b77b42f70b603a861840a66f35fdc73824b0ebab09b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e2a1c34a909fc9-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 Apr 2024 17:45:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EBe7jQB4ZlDj3%2ByeyiVlssY5%2B6rTZ7GEWg30BdUpgf8jlpb7Ifrtf6ihJSlKPJtmbeEosNzGv6iLN6dpLFDkhIMAUP0JCxJkiVuJg7H1wSuY%2BN3Xhqg51BczdflWOkTe%2BuO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://ultrasurfing.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 reset.css
ultrasurfing.com/css/ 773 B
883 B 304ms
303ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/css/reset.css
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1050
etag: W/"5f9a61f5-41a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZ%2BbhQyJg%2Fdpr0hvlPDVbGYjeEF5tVUNQANye%2BHO589IaJyblFx8PyPAYwfhH%2F6PmHpl7N9gI3hbn2QopOGX1dXjRLHQ%2BZl42tX7Auci8M3HFDlgo2h%2FH1bqcJapJSWl383G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 86e2a1c46c459fc9-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 style1.css
ultrasurfing.com/css/ 11 KB
4 KB 43ms
42ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/css/style1.css
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 08 Apr 2023 04:57:00 GMT
server: cloudflare
age: 4757
cf-polished: origSize=19154
etag: W/"6430f41c-4ad2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fp27KFdW91eXImnek1V3HwSv3KovYcL2pLEB6vMJVWuHmw3B24LMM3dN8luNf8OrRMYo99PNjSMBRJnbt5NWryK%2FX1X6nKfouNg7v96oydKolRDLKO0a3lXQ6BD%2FSWyHkW1t"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 86e2a1c46c479fc9-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 3741fdf_photo0_190.jpg
ultrasurfing.com/images/ 8 KB
8 KB 26ms
26ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/3741fdf_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2d289443edb10359c5a2a139e52cb6e16c5790d636e383d492d32698c7796e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1240
alt-svc: h3=":443"; ma=86400
content-length: 7736
cf-bgj: h2pri
last-modified: Tue, 02 Apr 2024 17:24:05 GMT
server: cloudflare
etag: "660c3f35-1e38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ks1iThKnyVVwCSW8asejnJrkrHOjK7Dbq9cJdmCxXNRxIfE1nqPTBy7KI9L7ZaOo3uYiJ%2Bu15ajvf21HqSE5Gw%2F1x5qlObNuTnFofGvcE4lkr%2BX47fu6cPGX39IHIB3RMpT%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c46c499fc9-AMS
expires: Wed, 02 Apr 2025 17:24:39 GMT

GET
H3 200 a66ffab8_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
7 KB 28ms
28ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/a66ffab8_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e1196c7473ea2e5115591f65b58f6f5e8403e1ff2fdcf393b7e8ab7446435d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31419
alt-svc: h3=":443"; ma=86400
content-length: 7147
cf-bgj: h2pri
last-modified: Tue, 02 Apr 2024 09:00:06 GMT
server: cloudflare
etag: "660bc916-1beb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOijh7ybQAUr%2BIEUEt2ZSI5wgumezWsJGH1wOln3lh%2BZyqSgMJGnXjts1n7kFLdEUNT6UHTspTyZOz%2BeHJYGp%2FdsFTkJUSN2BYkdwsI2ulWi8Lb%2F5CsF%2BL4wvo1rpaqhkZHR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c46c4b9fc9-AMS
expires: Wed, 02 Apr 2025 09:01:40 GMT

GET
H3 200 bc17b5e8_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
7 KB 29ms
28ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/bc17b5e8_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d4c1a420786311e0cb128323351377b630c9b9e8d8a1470d9497daa4ecb708

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9010
alt-svc: h3=":443"; ma=86400
content-length: 6383
cf-bgj: h2pri
last-modified: Tue, 02 Apr 2024 15:15:03 GMT
server: cloudflare
etag: "660c20f7-18ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60ruQkNtzpm7vx2Ykub0nyXKOz1d02B79DPtZNEPVDfmgyKem3KNoAbeG%2FNRAR%2B7mkaZa%2Fs1kMkoBfUcLz%2FvmkuLXBlyIgMB0H3d36fSwuMrsYjUiCrixBQlIBhM8s3WFknD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c49c889fc9-AMS
expires: Wed, 02 Apr 2025 15:15:09 GMT

GET
H3 200 320727c7_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
6 KB 37ms
37ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/320727c7_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa25b37ed2342b975cc43d9f15c913012dd69417702e8af3cc219574f557fd5c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21970
alt-svc: h3=":443"; ma=86400
content-length: 6137
cf-bgj: h2pri
last-modified: Tue, 02 Apr 2024 11:39:04 GMT
server: cloudflare
etag: "660bee58-17f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJfmiZRJtYlarG3dKQuAQmcMqeJFEm7Zj6xZpYPUXxFncRLcFjSHD9aq7efB8vLIkbzs4%2BcSZ%2BnHsgy5pxiFxp48a9OgzYqN7whSMLuCJEEL%2FKpihlWtbQdkhgkJA2vsUCzM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c4bcb79fc9-AMS
expires: Wed, 02 Apr 2025 11:39:09 GMT

GET
H3 200 b4a6f20c_photo0_190.jpg
ultrasurfing.com/images/ 4 KB
5 KB 32ms
32ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/images/b4a6f20c_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eff22ceb7e7d8422a182f2d1ad96b572ccb58cb72e6fbf729ad338e4a524077

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9813
alt-svc: h3=":443"; ma=86400
content-length: 4591
cf-bgj: h2pri
last-modified: Tue, 02 Apr 2024 15:00:04 GMT
server: cloudflare
etag: "660c1d74-11ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NM4m76EjWBeepqzfEIaeXx%2Byy%2BcJmABWKnSdfY%2FRjMDsd%2BDDnEX6HPGxSlxPby72moib1YkLto3Q8A3sd1MTxwz%2FBbbYgIz3r%2FcVLeQcpkAyI0n0v6EfJxD3%2BO2qHcx%2FettK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c4ccdb9fc9-AMS
expires: Wed, 02 Apr 2025 15:01:46 GMT

GET
H3 200 rocket-loader.min.js Show response
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 19ms
19ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTplU61957S8OxsQ6Emqbi%2F2ydw09vtbqWZQ9p%2FPFSbCE%2F3pam7krR58zY5Wu5rvNOhbup1qTDrhU5ocmmCGvrI2VTcy4KxbIACaoLTY5BkgHhd1HHU6MOLcJTlVwbUkZKc7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86e2a1c4fd299fc9-AMS
expires: Thu, 04 Apr 2024 17:45:18 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/45157/ 730 KB
153 KB 92ms
18ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/45157/adpushup.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BC) /
Resource Hash: f69a21a9a1f6c409371c7333161ee16884e6b2a3704d3421f4061cbc28ffbc63

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
age: 507608
x-cache: HIT
x-client-device: desktop
content-length: 156736
x-ap-device: DESKTOP
last-modified: Wed, 27 Mar 2024 16:00:09 GMT
server: ECAcc (ama/48BC)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: NL
accept-ranges: bytes
expires: Tue, 02 Apr 2024 18:45:19 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/45411/ 41 KB
12 KB 89ms
18ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/45411/adRecover.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48EC) /
Resource Hash: 7975737dcab3e98655844dc1338ece0d9019246e668f0962f0b0577af1c597e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
age: 804789
x-cache: HIT
x-client-device: desktop
content-length: 11748
x-ap-device: DESKTOP
last-modified: Thu, 15 Feb 2024 07:57:34 GMT
server: ECAcc (ama/48EC)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: NL
accept-ranges: bytes
expires: Tue, 02 Apr 2024 18:45:19 GMT

GET
H3 200 bg_header.png
ultrasurfing.com/img/ 230 B
720 B 31ms
31ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/img/bg_header.png
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/css/style1.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1730816
alt-svc: h3=":443"; ma=86400
content-length: 230
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
etag: "5f9a61f5-e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpXXbCMvUlxo4Yhb1tddI9Xzvfs6WOCcXeSczx4YyMtyJOwnJCoTn8bEwLRbkk%2F50YtVSUlCymAH6N2UcIc%2F5VPP0HkSY%2BcREtRk96RGmOPnepv910%2FntMGtgIMoSNj35qcB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c65f0c9fc9-AMS
expires: Thu, 13 Mar 2025 16:58:25 GMT

GET
H3 200 logo-new.png
ultrasurfing.com/img/ 7 KB
8 KB 30ms
30ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/img/logo-new.png
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/css/style1.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721867
alt-svc: h3=":443"; ma=86400
content-length: 7316
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
etag: "5f9a61f5-1c94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3OQ1eOMvFbpajsaCfhHUku7l7ihyBMZBSBeYbeJZc%2FHIUMMbJWyQdCyNICzSnkFFuFPF7zjxRUxQa9BbOg2VKvvIC6fDqMueMfqw7HvB28Lcu%2FZEHFteIF3jt0VZjZG5tdQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c65f109fc9-AMS
expires: Thu, 13 Mar 2025 19:27:34 GMT

GET
H3 200 bg_nav.png
ultrasurfing.com/img/ 175 B
669 B 27ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ultrasurfing.com/img/bg_nav.png
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/css/style1.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1735338
alt-svc: h3=":443"; ma=86400
content-length: 175
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
server: cloudflare
etag: "5f9a61f5-af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRUVbt%2F%2FQQCCYrurM8DNEDIgIztzBEgv2mzZ9W1NT1b286uIciRf%2Fkiu9khn2BOR699d%2BzgUtrujySCpxbgIUySFaQ2a5g1r%2BkmseI9Wfh6XkUkTJny7jQ1IKog328%2FR5ok1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86e2a1c65f169fc9-AMS
expires: Thu, 13 Mar 2025 15:43:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
91 KB 183ms
69ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30c72624d4b0405cd9a4af1a43365f357f79f6313359bcc8457735135d7f81e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 17:45:19 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
30 KB 61ms
16ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/45411/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3484830
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-ams21058-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712079919.232085,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 6108, 7905

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 19ms
19ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4537538
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-ams21058-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712079919.236279,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 23, 415597

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
771 B 18ms
18ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1712079919253
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B6) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 02 Apr 2025 17:45:19 GMT
date: Tue, 02 Apr 2024 17:45:19 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (ama/48B6)
age: 830963
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: NL

GET
H2 200 pb.45157.1709907060881.js Show response
cdn.adpushup.com/prebid/ 424 KB
124 KB 20ms
20ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.45157.1709907060881.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4891) /
Resource Hash: 3115bbc6f22888131b06d9d6b848351a12e5379bae4abdbee9e9cea1e99c823b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
age: 714241
x-cache: HIT
x-client-device: desktop
content-length: 126788
last-modified: Fri, 08 Mar 2024 14:08:01 GMT
server: ECAcc (ama/4891)
etag: W/"65eb1bc1-6a1e6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Apr 2025 17:45:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
97 KB 118ms
117ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efc16c9c599b52ddf11338ab791b2ebf2e696e7d366753222dba7aabcd7b5f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99077
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 17:45:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 145ms
145ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=269851682

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e1316222d75aba1371f57a96fce3a907e8b3d72e070915427d8a3d36967bdc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47808
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 16:59:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 17:45:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
24ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 15:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7031
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 02 Apr 2024 17:48:08 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
309 B 47ms
46ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CB) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
age: 830973
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (ama/48CB)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Apr 2025 17:45:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 216ms
94ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b23baf061bb9f036d8e4992bafb1c99fc379dc6d964f9690586a7eceb4e25f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29192
x-xss-protection: 0
server: cafe
etag: 578 / 19815 / m202403270101 / config-hash: 13597004551339020200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:45:19 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 89ms
29ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:59:17 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 15:27:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2763
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: HbbwjZcsTN_-fFQ9tIsZCR08D1IH0-eHJxttKSda9PZuOHQtereEXg==

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
320 B 81ms
26ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MTkyNjksInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJOTCJ9&c_b=725.1000003814697
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
368 B 80ms
25ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 bdd707d79f4045e4080e4195f319dc6698bf9666.json Show response
keymap.adpushup.com/urlutmmapping/45157/UrlMapping/ 60 B
337 B 390ms
378ms Fetch
application/json 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://keymap.adpushup.com/urlutmmapping/45157/UrlMapping/bdd707d79f4045e4080e4195f319dc6698bf9666.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ce43d2dd0428e227f36dd0c5eb187a1e20698c13a3812304980a0415838de739

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:18 GMT
expires: Wed, 02 Apr 2025 17:45:19 GMT
last-modified: Tue, 02 Apr 2024 06:12:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC52DBD0918A7A
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c57461ac-101e-0035-7d25-85bb3d000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
x-client-device: desktop
content-length: 60
x-client-geo: NL

GET
BLOB 200
OK 5305dd4b-30dd-41af-a518-8eb3bc4c9339
https://ultrasurfing.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/5305dd4b-30dd-41af-a518-8eb3bc4c9339
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4fb2f01d9cf9dacc86bde88160ba3a8eb5d81b95a5a6064075d246404b4c80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1760
Content-Type: application/javascript

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 181 KB
61 KB 138ms
62ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

138f07e0d5652d5a896e9c9a24422f660140919b661fd24c1a7b3fff516df90c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vHei3ryh1dQ-D3LF2aaC6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-vHei3ryh1dQ-D3LF2aaC6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw15BiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQJz07zxrCRAL8XCs79i4gU1gReusg4wACOc6Wg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 79ms
23ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 09 Apr 2024 17:45:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 33ms
30ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=583409141&t=event&ni=1&_s=1&dl=https%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=user-interaction&ea=script-loaded&el=45157&_u=IEBAAEABAAAAACAAI~&jid=1238495310&gjid=489349612&cid=444144319.1712079919&tid=269851682&_gid=1113636327.1712079919&_r=1&_slc=1&z=1654214353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2e7e1587-d92f-46dd-8721-80b53eccb87e Show response
config.aps.amazon-adsystem.com/configs/ 563 B
827 B 85ms
24ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: c7b049c145ebb1fa294c4e99795b1f92876a8c589ad071c735a757cc689ee2ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:13:02 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1937
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: IeQkFdzN23npHgfygaDLrTYMgi0ft-6X5e01MO1lyYLy76VWDY_m2Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 29ms
29ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fultrasurfing.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c54b4f2646be8a0cd7aeb5db1c6d43ac798de663e034576ce6cf1195da1161dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:07:01 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9497
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2424
x-amz-cf-id: gmWUlCOQZJKm_CfonMy8P4qxfAcRNvkBqzeUXtukoC6ZGTd9MXB6vw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 83ms
34ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
date: Tue, 02 Apr 2024 05:37:52 GMT
x-amz-cf-pop: FRA56-P6
age: 43648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _Hh6969HeKUbNB-IESzw0ZbL0T7i8w9TJnFzY2u9dRkVhCav8kITVg==

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 105ms
23ms Script
application/javascript 2600:9000:223c:6000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:38:38 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 402
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4Rj-lfjFJJA9pu3TFkWt9SUTySTJGRkueVPMTklFSmogSghGlZmKwg==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 88ms
27ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 02 Apr 2024 18:00:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
39 KB 86ms
29ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 02:13:34 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 55906
x-amz-server-side-encryption: AES256
etag: "0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 39773
x-amz-cf-id: jvS9SCr_8XU9RpvALhhw7yRflT860DiGg5A6TNSmKXpArLZs2zCEog==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 87ms
26ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Tue, 02 Apr 2024 18:00:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
97 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=269851682

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e47d3be3e4dfcb346bf00719caa539112b09801f6791419a77b304c63ebe9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 17:45:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 58ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je4410v886690812za200&_p=1712079919270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=444144319.1712079919&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712079919&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=script-loaded&_fv=1&_ss=1&_ee=1&epn.siteid=45157&tfd=948
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 81ms
35ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.X763aTmSMjM.es5.O/am=wA/d=1/rs=AJlcJMwH7ACs8DAfRl5_EkNhPRoguc_Mqg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4LLHqR2IjxBBPNek97fpAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4LLHqR2IjxBBPNek97fpAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1gDgFiIh2N9x8YNbAIfPi-ZwAQAxU4MVQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T_QLOwNgdf4_WF0QJpvzMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-T_QLOwNgdf4_WF0QJpvzMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1gDgFiIh2N9x8YNbAITvt_qZwIAxB4MLg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVs_xuWaxsvGtFhiHd0hA-cmg96BzKxfXwIeMv7vUTZAwQGfibpbicHuOWPPD9ezJtOXlJxyB3sTzOFAH1rGrjhaJJ0ERhP8Adw6dGy0BAh9gCuS1RzLxgO98jRhX2YsATd0ZttAw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVs_xuWaxsvGtFhiHd0hA-cmg96BzKxfXwIeMv7vUTZAwQGfibpbicHuOWPPD9ezJtOXlJxyB3sTzOFAH1rGrjhaJJ0ERhP8Adw6dGy0BAh9gCuS1RzLxgO98jRhX2YsATd0ZttAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMDc5OTE5LDUxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsbnVsbCxbWzgsIlg3NjNhVG1TTWpNIl0sWzksIm5sIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a518845f31d0b18d7270eeb2843c7484cee5af9db21bb16351bc9d9b116e249

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JdNYCSaYiYwzZKrvorR8jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JdNYCSaYiYwzZKrvorR8jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcKzv2LiBTeBAS0svEwCRfzUd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 20ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je4410v886690812za200&_p=1712079919270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=444144319.1712079919&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Ag&_s=2&sid=1712079919&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=ap-page-view&_ee=1&epn.siteid=45157&_et=35&tfd=987
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
17ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=583409141&t=event&ni=1&_s=2&dl=https%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=user-interaction&ea=ap-page-view&el=45157&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=444144319.1712079919&tid=269851682&_gid=1113636327.1712079919&z=149245269

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 02:25:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55201
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 50ms
50ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MTk1MzIsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImIxMDcwOTEyLTljOTctNGQ3Yy05Mzk4LTg1ZWQ0NTU5MGYwOCIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0hPTUVfMVgxX2IxMDcwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiY3VzdG9tIiwibmV0d29ya0FkVW5pdElkIjpudWxsLCJzZXJ2aWNlcyI6WzFdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkhPTUUiLCJwYWdlVmFyaWF0aW9uSWQiOiI3NGU2MmI1YS01ODhkLTQ0MGMtYjc5Yy04ZGJmOWQ0M2YwZjYiLCJwYWdlVmFyaWF0aW9uTmFtZSI6ImludGVyc3RpdGlhbCBkZXNrIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJOTCJ9&c_b=987.6000003814697
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 47ms
47ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MTk1MzcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjVkNDhjOWNiLTU3MzUtNDFhMi04ZDcwLTEyMGU2M2MxZjM3YiIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0hPTUVfNzI4WDkwXzVkNDhjIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDUxNTdfNzI4WDkwXzVkNDhjOWNiLTU3MzUtNDFhMi04ZDcwLTEyMGU2M2MxZjM3YiIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJIT01FIiwicGFnZVZhcmlhdGlvbklkIjoiNzRlNjJiNWEtNTg4ZC00NDBjLWI3OWMtOGRiZjlkNDNmMGY2IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJpbnRlcnN0aXRpYWwgZGVzayIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiTkwifQ%3D%3D&c_b=993
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
320 B 42ms
42ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MTk1MzIsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkhPTUUiLCJwYWdlVmFyaWF0aW9uSWQiOiI3NGU2MmI1YS01ODhkLTQ0MGMtYjc5Yy04ZGJmOWQ0M2YwZjYiLCJwYWdlVmFyaWF0aW9uTmFtZSI6ImludGVyc3RpdGlhbCBkZXNrIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJOTCJ9&c_b=994.7000007629395
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 pixel;r=1657300759;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fultrasurfing.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1668579317-1712079919408;pbc=...
pixel.quantserve.com/ 35 B
455 B 36ms
26ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1657300759;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fultrasurfing.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1668579317-1712079919408;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=1;et=1712079919540;tzo=-120;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F3741fdf_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=babed637-686c-406e-9171-e92977c0eced;mdl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 24ms
24ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Tue, 02 Apr 2024 18:00:19 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 110ms
34ms XHR
application/json 34.248.72.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.72.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-72-127.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ba335f7fa2d3d48deb59dbaca6fd1c45838d6e2fcfc13765009ac677ae27992c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.25.169
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/ 441 KB
138 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf37446ea1ee83a3fce3f04bd63d69bb12d619e8e4c359540df4b94638daf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5542
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141434
x-xss-protection: 0
server: cafe
etag: 5731712271330627757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 02 Apr 2025 16:12:57 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
463 B 82ms
17ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Tue, 02 Apr 2024 18:15:19 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tD4LfhFeqqiu8M3c-M9QYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-tD4LfhFeqqiu8M3c-M9QYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1gDgFiIh2N9x8YNbAIXFl1dyAQAw1MMIA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qZ7l-s7GuHy3AwFXKKsDZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-qZ7l-s7GuHy3AwFXKKsDZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1JBiqGV4xtQKxE7pM1gDgFiIh2N9x8YNbAIvzi5YywQAxcwMSA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 144ms
65ms XHR
text/javascript 13.35.57.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=IiJCdjacevB9v&cb=0&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22STICKY_ADP_45157_728X90_5d48c9cb-5735-41a2-8d70-120e63c1f37b%22%2C%22s%22%3A%5B%22728x90%22%2C%22690x90%22%2C%22675x90%22%2C%22670x90%22%2C%22650x90%22%2C%22630x90%22%2C%22600x90%22%2C%22580x90%22%2C%22570x90%22%2C%22468x60%22%2C%22320x50%22%2C%22300x50%22%2C%22300x75%22%5D%2C%22sn%22%3A%22%2F103512698%2F23002230553%22%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.57.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-57-188.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:18 GMT
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: g0HQO51GmXtppPu1_WRwzO-QeGM1bJplyrBNS7A5gJ5bURhgGu_4cw==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 60ms
30ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240402

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.45157.1709907060881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3323c87ebfa44d7e5804d548f651c5597e8851125ef482f9d3d03ce5d12f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6268
x-jsd-version: 1.0.2014
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 840
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21965-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"643-d9SGz+coRmZi64EI1Ae+7XVxsVo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCIpYSEQCYDoYFr9L0j%2FQQdJ4d3jKZEcaWowP5jdrIvLxAqwrVqh%2BSdW2SCKST%2FybKOINOLZLh1OdQ3CXL3X5aG0nGSuI0FbdKUZaOi%2F1W8Aq84%2F4D75uVx8HlYW9Di98PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86e2a1c9bea70a58-AMS

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 24ms
24ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Tue, 02 Apr 2024 18:00:19 GMT

GET
H3 200 136431902 Show response
fundingchoicesmessages.google.com/i/ 182 KB
59 KB 89ms
89ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/136431902?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

fbcb62733abf849b714f71057c7e912843e1762f50cabcdc3e7c09cb96d95183

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EQIRsYnYPUJVQotqFi-S0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EQIRsYnYPUJVQotqFi-S0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQJz07zxrCRAL8XCs79i4gU3gwNKt35gAEDE67g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 153 KB
47 KB 346ms
295ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3804468145865180&correlator=2826737962581209&eid=31081721%2C31082138&output=ldjh&gdfp_req=1&vrg=202403270101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=103512698%3A21638617752%2C23002230553&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712079919897&lmt=1712079919&adxs=436&adys=1023&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&url=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&dlt=1712079918778&idt=953&prev_scp=amznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26misc%3DoptiRef_v11_e_all_pv%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0_pv%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0_pv%26refresh27Split%3Drefresh_experiment_10_pv%26ap_refresh_type%3DAV_3%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26url_key_mapping_0%3D05b931d3-cfd8-11ea-9450-6807152005bb%26faid%3Dfalse%26misc%3DoptiRef_v11_e_all&adks=2214359445&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0e8dc498aac93dfaac0be1a3826279937bfaa9f7b184942e0d82b6b9059d6de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47643
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A2B 0
0 156ms
56ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:20 GMT
expires: Wed, 02 Apr 2025 17:45:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
90 KB 69ms
68ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=269851682

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

341e22b5267494a92af6db2666f7e4d5c1c698fc8e65e6c5756c88d953314e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92504
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 322 KB
51 KB 61ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e4bced464a4a37d57e50c84136d238ffea85457d194f276402eec637bd5c0b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: U8CLph7Dbv2Bz_u.AGR9.eLW7_SdAM4N
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: AV6DVYXW1ZXTHCNX
age: 44
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 51242
x-amz-id-2: CSL/CayA1V7BeUP9YJBSdaSzVKLWHi/lIvVS33ipWJxsInJ+971P8TxBLsfsXZYpdU+xwg7S908=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:54:43 GMT
server: AmazonS3
x-timer: S1712079920.122187,VS0,VE2
etag: "9c2b60397854bfc36b1e1183987f9e8b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
79 KB 70ms
70ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8b405c674805d79556afe5773e2b764de42ac76e314747148082803be8e67071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81347
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 16:59:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 apInstreamBundle.js Show response
cdn.adpushup.com/45157/ 2 MB
342 KB 19ms
19ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489F) /
Resource Hash: 0bcb8634acdd25792d3f9bc12a1963dcbc58329daa25e10bf381c5fe063316c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
age: 106620
x-cache: HIT
x-client-device: desktop
content-length: 349427
x-ap-device: DESKTOP
last-modified: Mon, 01 Apr 2024 10:43:01 GMT
server: ECAcc (ama/489F)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
x-ap-geo: NL
accept-ranges: bytes
expires: Tue, 02 Apr 2024 18:00:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
69ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

daa5b467932b8ffb3046744ef6bbc794c15df6d37a55e15229e6d771ca5ed768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12114
x-xss-protection: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 20ms
20ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjAwNzAsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjIxMDIzYTY1LThmMmUtNDU3MC1iOTk4LWUxMGE2YTk1OGNkOSIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzk3MFgyNTBfMjEwMjMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3Xzk3MFgyNTBfMjEwMjNhNjUtOGYyZS00NTcwLWI5OTgtZTEwYTZhOTU4Y2Q5Iiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1526.2000007629395
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 27ms
26ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjAwNzIsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjFjZGQ2ZjgxLTZlNGUtNGI5Yi05ZDA2LWY0YjZjMjA2ODkzYiIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzE2MFg2MDBfMWNkZDYiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3XzE2MFg2MDBfMWNkZDZmODEtNmU0ZS00YjliLTlkMDYtZjRiNmMyMDY4OTNiIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1527.7000007629395
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 24ms
23ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjAwNzMsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjcwOGZlMTM0LTg2YjctNGQwZi1iOGJkLWYyNTg3MTE5OGY0NyIsInNlY3Rpb25OYW1lIjoiQVBfSW5zdHJlYW1fVW5pdCIsInN0YXR1cyI6MSwibmV0d29yayI6ImN1c3RvbSIsIm5ldHdvcmtBZFVuaXRJZCI6bnVsbCwic2VydmljZXMiOlsyXSwiYWRVbml0VHlwZSI6MX1dLCJjb3VudHJ5IjoiTkwifQ%3D%3D&c_b=1528.5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 25ms
25ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjAwNzQsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjQzM2FlOTE4LWUyNDEtNDM4Ni1hYzkzLWM4Y2IyOGQ5YWY3OSIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzMwMFgyNTBfNDMzYWUiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3XzMwMFgyNTBfNDMzYWU5MTgtZTI0MS00Mzg2LWFjOTMtYzhjYjI4ZDlhZjc5Iiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1529.8999996185303
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 26ms
26ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjAwNzUsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjU4OTA5ZjhhLTE5NDctNDA2Ny04Y2Y3LTRmZGU5OTc0YThiNiIsInNlY3Rpb25OYW1lIjoiQVBfVF9EXzMwMFg2MDBfNTg5MDkiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQ1MTU3XzMwMFg2MDBfNTg5MDlmOGEtMTk0Ny00MDY3LThjZjctNGZkZTk5NzRhOGI2Iiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjoxfV0sImNvdW50cnkiOiJOTCJ9&c_b=1531.2000007629395
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 31ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je4410v872416883za200&_p=1712079919270&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=444144319.1712079919&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712079920&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1550
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 75ms
26ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=444144319.1712079919&gtm=45je4410v872416883za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 202ms
83ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=444144319.1712079919&gtm=45je4410v872416883za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=37125904

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
ultrasurfing.com/ 894 B
1 KB 28ms
28ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ultrasurfing.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae0172585ae1755d6534a5d3e1ec6a7425ea5522ebd469f7d24870228a8f6c6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Oct 2020 06:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1735846
etag: W/"5f9a61f5-37e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWP81LuCOUE5ysZ22OV5ht1f46H4vqWeIwYoRQTSfH00AQzsM9nOQiWy1JBoavJgn0r0NJcCtK5XLNvHfNn9pPcTkI1geCozBBsqb0xDMvWnsAnwp52J8P8ysiSxbShkc7ZY"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=31536000, public
cf-ray: 86e2a1cca9369fc9-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 13 Mar 2025 15:34:36 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 67ms
66ms XHR
text/javascript 13.35.57.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=IiJCdjacevB9v&cb=1&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22ADP_45157_970x250_00000001-8669e421-260a-4ccd-9849-6a8bf6f15ff5%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22900x90%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22675x90%22%2C%22675x250%22%2C%22670x90%22%2C%22670x250%22%2C%22650x90%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22974135918%22%7D%2C%7B%22sd%22%3A%22ADP_45157_160x600_00000001-bd57dafe-d60a-4508-a8e6-24e1a471cc47%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F103512698%2F22973422918%22%7D%2C%7B%22sd%22%3A%22ADP_45157_300x250_00000001-9623d126-b72f-4978-a6ce-f8792f501108%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22974135924%22%7D%2C%7B%22sd%22%3A%22ADP_45157_300x600_00000001-db0605f7-844f-492b-afe8-0ad480263792%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22300x600%22%2C%22250x250%22%2C%22240x400%22%2C%22200x200%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F103512698%2F22974135927%22%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.57.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-57-188.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: u12yvxCmmu110z-i_t37gMfUWc8lX6GZydxHkbYIVYPRxa1UlGITDw==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 108ms
52ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

921c7e2005e97ca90cf67edeea19d6bce1f83d68cb3f77dec7557249373f1686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 apPlayerNewUi.css
cdn.adpushup.com/instream/ 71 KB
15 KB 18ms
18ms Stylesheet
text/css 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/instream/apPlayerNewUi.css
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48E0) /
Resource Hash: e9e05cd85d3088530453443f83b7258a668d25ca53d5555db0fab38ba6cb154c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
age: 830948
x-cache: HIT
x-client-device: desktop
content-length: 14724
last-modified: Mon, 19 Jun 2023 10:49:40 GMT
server: ECAcc (ama/48E0)
etag: W/"649032c4-11b84"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 24ms
24ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjAxOTYsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZUlkIjo0NTE1Nywic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJ1cmwiOiJodHRwczovL3VsdHJhc3VyZmluZy5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEyNTMzMTQyLTZhNjAtNDZkNS04YWNhLWMzMDdmYjViYTgyYSIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV8xMjUzMyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDUxNTdfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzEyNTMzMTQyLTZhNjAtNDZkNS04YWNhLWMzMDdmYjViYTgyYSIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6Nn1dLCJjb3VudHJ5IjoiTkwifQ%3D%3D&c_b=1652
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 202 logs
http-intake.logs.datadoghq.com/api/v2/ 0
0 349ms
132ms Ping
application/json 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=450db60c9e5108400bd9a6539552f87a&ddsource=nodejs&service=instream
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 202 logs
http-intake.logs.datadoghq.com/api/v2/ 0
0 368ms
151ms Ping
application/json 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=450db60c9e5108400bd9a6539552f87a&ddsource=nodejs&service=instream
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 391 KB
135 KB 185ms
58ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d36cb05c0704ebbb892e62402be4753072ee56467c3f138793af04744c446e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137371
x-xss-protection: 0
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 291 KB
59 KB 480ms
480ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3804468145865180&correlator=2761306866220174&eid=31081721%2C31082138&output=ldjh&gdfp_req=1&vrg=202403270101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=103512698%3A21638617752%2C22974135918%2C22973422918%2C22974135924%2C22974135927&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C970x90%7C970x250%7C900x90%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C160x600%7C120x600%2C320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C300x600%7C250x250%7C240x400%7C200x200%7C160x600%7C120x600&fluid=height%2Cheight%2Cheight%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712079920261&lmt=1712079920&adxs=325%2C325%2C975%2C975&adys=105%2C370%2C370%2C620&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&url=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=970x-1%7C160x-1%7C300x-1%7C300x-1&msz=970x-1%7C160x-1%7C300x-1%7C300x-1&fws=4%2C4%2C4%2C4&ohw=970%2C160%2C300%2C300&dlt=1712079918778&idt=953&prev_scp=amznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7Camznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7Camznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7Camznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26ap_refresh_type%3DAV_1%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26url_key_mapping_0%3D05b931d3-cfd8-11ea-9450-6807152005bb%26faid%3Dfalse%26misc%3DoptiRef_v11_e_all&adks=2720032702%2C3554213942%2C2421283730%2C1980444126&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a585caf08693df1bcbaf10f0118dffe3a702e7acfaaa19b3ae82c25845f45522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60191
x-xss-protection: 0
google-lineitem-id: -1,6497564589,6497564589,6410568200
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138461996664,138461996517,138453012950
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 page. Show response
fundingchoicesmessages.google.com/f/AGSKWxUQG-uhteeeQvy0MgYhgc_YWfuOSFmXRyh65KIKSAR9jRqCMWhOoreV6pCBMMTFck9btaVAzQwLq52i7gC_YqQdwnUVOHZvQaBBLECEibqIiCL4bFdX1tuQ092MN7wbgkKdExiFIKGfJfA46n71H10U2F4wZ... 54 B
110 B 69ms
69ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUQG-uhteeeQvy0MgYhgc_YWfuOSFmXRyh65KIKSAR9jRqCMWhOoreV6pCBMMTFck9btaVAzQwLq52i7gC_YqQdwnUVOHZvQaBBLECEibqIiCL4bFdX1tuQ092MN7wbgkKdExiFIKGfJfA46n71H10U2F4wZlfyLVzLADER0sjkQ6JdXPkxg7R_fQyP/_-ad-data//ads7._advertise180.-rectangle/ad-/ads/page.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.X763aTmSMjM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxyHNeoKDClT8hQDjmsD2o8nPwluA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

360b3d414fd9d19ee10c4e8e06136c7849a4dcc487723201f53f65c01c642098

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-J41ENRpjniN8dmcEf9R1TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-J41ENRpjniN8dmcEf9R1TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcGzo2LiBTeDA5L5uRgCVNTU7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 76ms
26ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11523
x-xss-protection: 0
server: cafe
etag: 916572542668392311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 18:28:35 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QVj7FG5wdAYT7QMYLYHMwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QVj7FG5wdAYT7QMYLYHMwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1gDgFiIh2NDx8YNbAI3Vl3vZgQAw38MHA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.m3u8 Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/ 778 B
1015 B 31ms
18ms XHR
application/x-mpegurl 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls.m3u8
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C0) /
Resource Hash: 15cd30f67323d290fbf1a0dab776072d45cb0aeca18f7464079f92dcc9f57a05

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: XJ2qTmqYpYOrqCgechwhfQ==
age: 20154
x-cache: HIT
x-client-device: desktop
content-length: 778
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 14:03:08 GMT
server: ECAcc (ama/48C0)
etag: 0x8DB255E01B2C5F3
content-type: application/x-mpegurl
access-control-allow-origin: *
x-ms-request-id: 547bdb77-201e-0056-2af6-84a8ac000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 64ms
63ms XHR
text/javascript 13.35.57.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=IiJCdjacevB9v&cb=2&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22ADP_45157_responsivexresponsive_00000001-47c065bb-aea8-41ce-8814-f1026b2e7a5e%22%2C%22s%22%3A%5B%22400x225%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F23007927310%22%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.57.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-57-188.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:19 GMT
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VWt1jzCNcjQ1tosGU4YzX46BNfWrcnN0y-eOnMtKCTnFCPUfhQJfMg==

GET
DATA 200
OK truncated
/ 228 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac67c4c64459f243337fd1acd0f9f5884407755db33357382446eccff49080ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 450 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993b6c12ec96c3b5ed2b09656c8d6299c508bcbc43449a8540f0104f2473eeea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5910fa2b14f49be0ebad39542c1bf8405b12ceea073230cc788aa770cd673ad6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 975 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cb558b096de43381ea12cbb5835a8ad210205e0e189e65bc4343ec23de06fb6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b28c3181c149b11260684c4f1fab1f5e3c0e287313f09c2c8ca28aa9ae4ab9b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 362 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c61902f54255238f30b59f46a3687e46ccdd93a945b9f106a5f4dfdaccc623cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1017 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da50891ffc42d4c1579660f8495c39f0120342c869a96f7fa265333e131745d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 11b70343-2f9c-459d-896e-20e23f46b9ce
https://ultrasurfing.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/11b70343-2f9c-459d-896e-20e23f46b9ce
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6df16b9d1f923f1c810f639b4338f7f518909b3e7dd84a82590604b75e3f9933

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 5905
Content-Type: application/javascript

GET
BLOB 200
OK 4e3ee2f9-4db5-46f9-8d71-0aebe184e7f2
https://ultrasurfing.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/4e3ee2f9-4db5-46f9-8d71-0aebe184e7f2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a177cca069c8a8133e0a364b5b9db956c5b7617a2e9c8d20e62362d1f4a5aa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 80503
Content-Type: application/javascript

GET
BLOB 200
OK 587d3fd4-2c8d-433f-9826-45714ea9f9b5
https://ultrasurfing.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/587d3fd4-2c8d-433f-9826-45714ea9f9b5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a177cca069c8a8133e0a364b5b9db956c5b7617a2e9c8d20e62362d1f4a5aa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 80503
Content-Type: application/javascript

GET
H2 200 container.html
b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34A5 0
0 26ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:20 GMT
expires: Wed, 02 Apr 2025 17:45:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.20240401-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 892 KB
181 KB 17ms
17ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a605872c10af59dccb04b7466b536181c78c30b8f7532d895183f7341c8d151f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: S61IiChmfbs0rKgVbfWczyxhm_JUvgyd
content-encoding: br
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: FQCQ7Z9GBQ1Y191D
age: 398
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185228
x-amz-id-2: HhN65XyxTyLFfxR1BorkxUHgUthl9eZ0QATd5NVXiKlDHRp3Oj4glI0feZiy2LEL9Qncp3CG/rg=
x-served-by: cache-ams21082-AMS
last-modified: Mon, 01 Apr 2024 09:31:10 GMT
server: AmazonS3-br
x-timer: S1712079920.334980,VS0,VE0
etag: "a1b52549156baaed313a30ea7a33cf13"
vary: Accept-Encoding
content-type: application/javascript
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 main.m3u8 Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 2 KB
2 KB 18ms
18ms XHR
application/x-mpegurl 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main.m3u8
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BB) /
Resource Hash: 70f215fc5d897590c7ea0aa8348e256e877ec4346adf67da8f6c40bc5cea26e9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: +rcOIpS59VennZ5yS/mhQA==
age: 20153
x-cache: HIT
x-client-device: desktop
content-length: 2346
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 14:06:06 GMT
server: ECAcc (ama/48BB)
etag: 0x8DB255E6BA3760A
content-type: application/x-mpegurl
access-control-allow-origin: *
x-ms-request-id: c0f8960b-f01e-0018-7ef6-848624000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79843e768129bc54db15739806c3d973e3d7b3e97c9ac58100c657d071f56fc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 520 B
255 B 458ms
458ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3804468145865180&correlator=2058770972858854&eid=31081721%2C31082138&output=ldjh&gdfp_req=1&vrg=202403270101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=103512698%3A21638617752%2C23007927310&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C400x225%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C200x200&fluid=height&ifi=6&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712079920367&lmt=1712079920&adxs=532&adys=370&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&url=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=400x-1&msz=400x-1&fws=4&ohw=400&dlt=1712079918778&idt=953&prev_scp=amznbid%3D2%26amznp%3D2%26stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D45157%26hb_ap_ran%3D1%26fluid%3D1%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26refresh27Split%3Drefresh_experiment_10%26ap_refresh_type%3DAV_6%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26url_key_mapping_0%3D05b931d3-cfd8-11ea-9450-6807152005bb%26faid%3Dfalse%26misc%3DoptiRef_v11_e_all&adks=1150831624&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ee7b7eebeb9414b269cc07600d99854b311cbc8ba493264380b6b7704bee77e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/3b96d06c/www-widgetapi.vflset/ 216 KB
67 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b96d06c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfc22aa61526b54bd655a11d628c6a6522c714fd355633936052ffb93368f397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68393
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 04:21:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Apr 2025 16:51:24 GMT

GET
H2 200 main.m3u8 Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 2 KB
3 KB 18ms
18ms XHR
application/x-mpegurl 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main.m3u8
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48EC) /
Resource Hash: 280329263a8a5ad67e0af11a604f8b8ed18f2c9448bf5e24012f5d11691e972a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: AbK+6KTWbjSwi2+O3KjZmQ==
age: 20152
x-cache: HIT
x-client-device: desktop
content-length: 2423
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:17:04 GMT
server: ECAcc (ama/48EC)
etag: 0x8DB255791D7A1C7
content-type: application/x-mpegurl
access-control-allow-origin: *
x-ms-request-id: 2207f6d6-501e-0073-33f6-8401d0000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WgGMum8x1pACg4uzQeVXfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-WgGMum8x1pACg4uzQeVXfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1gDgFiIh2NDx8YNbAIbXl44wggAxHYMaA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3vjHa4GELnJ2e0z-Pena4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3vjHa4GELnJ2e0z-Pena4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1gDgFiIh2NDx8YNbAIrTsy4xggAw84MHQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05BLvz7n8SfxZNn4gusKNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-05BLvz7n8SfxZNn4gusKNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1gDgFiIh2NDx8YNbAIHzu29xggAxM0MYA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWob1lcP8LLygv5OLYk2cE8MGkdV4a1MsOM64HKEvO4vsMWEfynPyg9aFytAWY3j_oNEa-M07KneeSJlwKl8LTKg9pFP84AwhD6LTGWamvm0fzFKOwaeHLxkxrMAVMgH3to1Zrn0w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 85ms
85ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWob1lcP8LLygv5OLYk2cE8MGkdV4a1MsOM64HKEvO4vsMWEfynPyg9aFytAWY3j_oNEa-M07KneeSJlwKl8LTKg9pFP84AwhD6LTGWamvm0fzFKOwaeHLxkxrMAVMgH3to1Zrn0w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMDc5OTIwLDM5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLG51bGwsW1s4LCJYNzYzYVRtU01qTSJdLFs5LCJubCJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

cf19ea90dc75749477a40481190a3d6aa587542d7fb06f557fa6a14e01cece71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tt-S75YIplYXwv-hwa-YDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-Tt-S75YIplYXwv-hwa-YDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcGzo2LiBTeBG86QLjACViTWL"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main_00001.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 208 KB
209 KB 18ms
17ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00001.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4899) /
Resource Hash: de656249f82c6a2857c048d1f2670b1407aa1494be635b53ba3f6f4f92ecf73e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: aH0aqsSM1CWFfdyB4hJaHA==
age: 20152
x-cache: HIT
x-client-device: desktop
content-length: 213380
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:05:42 GMT
server: ECAcc (ama/4899)
etag: 0x8DB2555FBC10DE2
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: 61aeb15b-e01e-0004-68f6-84d444000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52CB 0
0 49ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 11670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 14:30:50 GMT
expires: Wed, 02 Apr 2025 14:30:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 59ms
17ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 290914
expires: 60

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 91 KB
24 KB 321ms
313ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=19%3A45%3A20.412&lti=deflated&data=%7B%22id%22%3A314%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1712048081047%2C%22vi%22%3A1712079920410%2C%22cv%22%3A%2220240401-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.86%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A800%2C%22sh%22%3A600%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1113%2C%22dw%22%3A1600%2C%22dh%22%3A1519%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1420.125%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A1220%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 444048908ccf23f6e101dd87e33e21db8ff89b4d2e468f4b50fdb0272753a867

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 296
date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.9285416666666667
x-fastly-to-nlb-rtt: 876
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21082-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1712079920.431058,VS0,VE296
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main_00001.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 70 KB
70 KB 26ms
26ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00001.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B4) /
Resource Hash: f783c693720a89bd8c14afdca7f721155310840aa1ab7f361632f72797934dd9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: FDBFCedU5zNkGt5Xxzx9Hg==
age: 20151
x-cache: HIT
x-client-device: desktop
content-length: 71301
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:52:01 GMT
server: ECAcc (ama/48B4)
etag: 0x8DB255C73C3B7FF
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: f6ce7f30-101e-003f-2ff6-8491e0000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

POST
H3 204 AGSKWxUkjCcl6RdpJB3rvj4AhiBR1APr_i-5JFOCz-R0srWmPdmGeYAVpBos2D9Yox-3seUY6P4Mq58xAmzUkxdSXE6E-sK41WgbvREN6mh3FKWFtOsXjtLvQIjSY_cfGNkrZ2y8HfTbDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 43ms
43ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkjCcl6RdpJB3rvj4AhiBR1APr_i-5JFOCz-R0srWmPdmGeYAVpBos2D9Yox-3seUY6P4Mq58xAmzUkxdSXE6E-sK41WgbvREN6mh3FKWFtOsXjtLvQIjSY_cfGNkrZ2y8HfTbDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pVirDGkr5xxSS0Q-TgxCzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-pVirDGkr5xxSS0Q-TgxCzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1JBiqGV4xtQKxE7pM1gDgFiIh2NDx8YNbAInGn7_YAQAxakMgQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3bbY3CE90VoLHvUi_k1njujNBftXZrvpdD9NmNtv7Wlm13jv6nShTSKbLMIiITShN6SCJVUEosm4cuSLWrFyneNL0fEPHGJABrD3ooTjFnhOuba8-EQxLwDerg7wgmaErIKVOvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BAjEPDs6mrRLqh0fqWPtzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-BAjEPDs6mrRLqh0fqWPtzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1gDgFiIh2NDx8YNbAIbpnb3MQEAw0ALpA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 548 B
204 B 104ms
55ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fultrasurfing.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1c261ab4dace4aed640d9bebbbc65d51c96c0d088c698af3d881317e0287e765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179
x-xss-protection: 0
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 2e7e1587-d92f-46dd-8721-80b53eccb87e Show response
config.aps.amazon-adsystem.com/configs/ 563 B
827 B 24ms
23ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: c7b049c145ebb1fa294c4e99795b1f92876a8c589ad071c735a757cc689ee2ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:13:02 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1938
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: hg_-76RjFapXVdT5gATGie1beumXQqJuUKTjXOe5Mx-0GPtZxhVzhw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 24ms
24ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fultrasurfing.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c54b4f2646be8a0cd7aeb5db1c6d43ac798de663e034576ce6cf1195da1161dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:07:01 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9498
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2424
x-amz-cf-id: f5EEQXfMIuCHNAusWwyC-4YTtV6eamlMG5KeqSEbN8u-gOj0GP3ZlA==

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 43ms
42ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3AxIn1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 44ms
43ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3AyIn1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 45ms
44ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3AzIn1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 46ms
45ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX3A0In1dfQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 47ms
46ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19pbnN0cmVhbV9kZXNrdG9wX2JhY2tmaWxsMSJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 48ms
47ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtMSJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 49ms
48ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtMiJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 50ms
49ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtMyJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
320 B 51ms
50ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MTIwNzk5MjA1MDcsInBhY2tldElkIjoiMDAwMEIwNjUtMzY0MDg3MWQtZTE5YS00YWJkLWEwYmUtZmM5Yjc0OTZlNDVkIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS8iLCJzaXRlSWQiOjQ1MTU3LCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJjb3VudHJ5IjoiTkwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInBhZ2VHcm91cCI6bnVsbCwicGFnZVZhcmlhdGlvbklkIjpudWxsLCJwYWdlVmFyaWF0aW9uTmFtZSI6bnVsbCwicGFnZVZhcmlhdGlvblR5cGUiOm51bGwsImlzR2VuaWVlIjpmYWxzZSwidXJsIjoiaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tLyIsInJlZmVycmVyIjoiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImNjZDVhZWZjLTI0YjktNGRmZS04MTkxLTNhOTZkMTRkOTAyMCIsInNlY3Rpb25OYW1lIjoiQVBfSU5TVFJFQU1fNDUxNTdfY2NkNWEiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwic2VydmljZXMiOlsyLDNdLCJhZFVuaXRUeXBlIjo2LCJuZXR3b3JrQWRVbml0SWQiOiJhcF80NTE1N19HSV9pbnN0cmVhbV9kZXNrdG9wX25vTWNtNCJ9XX0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
BLOB 206
Partial Content 08a915ef-3c08-473d-90a1-1119712d8801
https://ultrasurfing.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/08a915ef-3c08-473d-90a1-1119712d8801
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 bridge3.631.0_en.html
imasdk.googleapis.com/js/core/ Frame 6869 0
0 76ms
25ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.631.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 265930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 248454
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Mar 2024 15:53:10 GMT
expires: Sun, 30 Mar 2025 15:53:10 GMT
last-modified: Sat, 30 Mar 2024 00:32:59 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 2843ms
2720ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Apr 2024 17:45:23 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D6D8 40 KB
14 KB 25ms
25ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 02 Apr 2024 18:24:12 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
39 KB 28ms
27ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 02:13:34 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 55907
x-amz-server-side-encryption: AES256
etag: "0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 39773
x-amz-cf-id: _HJNiGuW9PcQHoxuS1TOr_MBKhE4dGSEaj5OtkYAdt9WwIddGxV3qw==

GET
H2 200 main_00002.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 73 KB
73 KB 21ms
20ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00002.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B0) /
Resource Hash: 8b5a5379064d6459caea21d3dc3a2de56ed1f0c26ae2f2cd23907be645999ed2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: dPpWWudU87h59TvvmR3d0g==
age: 11514
x-cache: HIT
x-client-device: desktop
content-length: 74448
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:42:50 GMT
server: ECAcc (ama/48B0)
etag: 0x8DB255B2B9604D0
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: eb673b67-901e-000e-240a-8570f3000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
BLOB 206
Partial Content 08a915ef-3c08-473d-90a1-1119712d8801
https://ultrasurfing.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ultrasurfing.com/08a915ef-3c08-473d-90a1-1119712d8801
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 main_00003.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 73 KB
73 KB 21ms
20ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00003.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4890) /
Resource Hash: bbce122f46571712f2aedfb8c5c552328165ec14824008365cc81c08fba0158b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: U7bZ2Rz4dqJYY0qVhijSEw==
age: 11511
x-cache: HIT
x-client-device: desktop
content-length: 74542
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:38:23 GMT
server: ECAcc (ama/4890)
etag: 0x8DB255A8C1FF8CD
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: e26cfcb8-f01e-0027-640a-854e87000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 33ms
33ms XHR
application/json 34.248.72.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.72.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-72-127.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: db8baa5999a34e67145c103a5059e37991adfee11b1b7a90b89bf9fe96f0e582

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.10.41
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 main_00004.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 72 KB
72 KB 19ms
18ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00004.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4884) /
Resource Hash: 8ef4aa2c41ee3d8150399dcb233339fbd1d75c1b1bbb3153a6bc28f63faef919

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: 1fLaj+zWTGjqX3/5ejrT5Q==
age: 11507
x-cache: HIT
x-client-device: desktop
content-length: 73587
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 14:00:53 GMT
server: ECAcc (ama/4884)
etag: 0x8DB255DB0F4FE9A
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: 99837651-901e-006c-2c0a-85b2d4000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 main_00005.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 72 KB
72 KB 18ms
18ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00005.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488E) /
Resource Hash: d7794ece2bfd09b233bd749f9de8ac20bd78f713c898214457a433f8bb14f795

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: tS6+DzfZaCtoPd1YiGOlSw==
age: 11506
x-cache: HIT
x-client-device: desktop
content-length: 73748
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:39:23 GMT
server: ECAcc (ama/488E)
etag: 0x8DB255AAFE454EA
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: 63154f57-b01e-0019-280a-85d9f8000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 main_00006.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 72 KB
72 KB 22ms
21ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00006.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4889) /
Resource Hash: ab4f160d5e692a6472ab9ca6678900a8313644fb63140b42026cb8b3075e551a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: 9j61tRTl0dRPDLZIePRe7g==
age: 11504
x-cache: HIT
x-client-device: desktop
content-length: 73907
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:34:07 GMT
server: ECAcc (ama/4889)
etag: 0x8DB2559F38D7188
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: f479969b-f01e-0055-220a-8549c8000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 main_00007.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 73 KB
73 KB 19ms
19ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00007.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F7) /
Resource Hash: e23caab6e354f99aff7f78665c13d4e121fe68286891cf968d19161bf101759c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: 5AW6g+GPPnn+pWgkk6Q3oA==
age: 11503
x-cache: HIT
x-client-device: desktop
content-length: 74462
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:00:51 GMT
server: ECAcc (ama/48F7)
etag: 0x8DB25554E2E9B57
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: becced77-301e-0075-120a-85326f000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 main_00008.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 73 KB
73 KB 18ms
18ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00008.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48A2) /
Resource Hash: 59677a1aa0d7e375e7ffd218f48c2563da4c14db80ba02f46ddba9bafee6dde7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:20 GMT
content-md5: cN0SMczc4KrGitUatS/p5w==
age: 11502
x-cache: HIT
x-client-device: desktop
content-length: 74604
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:50:03 GMT
server: ECAcc (ama/48A2)
etag: 0x8DB255C2D689C06
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: 9e0840eb-c01e-004e-610a-8577cb000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:20 GMT

GET
H2 200 floating-unit.20240401-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 17ms
17ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20240401-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a699f7a698c12eded511af476ca4e70e367fac38e7224278f906d54ad24b4e46

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: u9Bb5krP4IyydwrBdkTUxVpWwAuX8SCJ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: Y4KF5P8BQ2ZNJEK2
age: 31901
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2507
x-amz-id-2: hg490fNMlhV3CB3Hhq3Km3ZiT4sugR++773o4saceQgC8G/35/3Pi7kz2HS+EO9QYQmQY+taMtQ=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:53:40 GMT
server: AmazonS3
x-timer: S1712079921.753883,VS0,VE0
etag: "c63a17282d080f1d2a1f7b8889701c41"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 UnitFeedManagerMobile.min.js Show response
vidstat.taboola.com/lite-unit/4.8.8/ 122 KB
34 KB 59ms
17ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.8.8/UnitFeedManagerMobile.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6814f4cd01182679689e397989e5be9bf3cbc631889dc131c2530ce603b1af4a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
Origin: https://ultrasurfing.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 602c4232f2a46df23c54a6eec1d7e048.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-P3
age: 108609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34564
x-served-by: cache-ams21058-AMS
last-modified: Mon, 01 Apr 2024 11:32:29 GMT
server: AmazonS3
x-timer: S1712079921.796970,VS0,VE0
etag: "486a84ced36d33861ff940e130305db6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: zDr85_uONP3a3L4_wLL2ByUV3UHFOAlAKmpjx5wcYVANlH79FuF8rA==
x-cache-hits: 13864

GET
H2 200 feed-card-placeholder.20240401-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 19ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240401-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 405d9ee7e5a58935c19966f3f37287fc3ff40ede709b15567ec273db9d10b05f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: j4RuUmuR87gkTu8dV9PEw_pJQ7SsjjVe
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: 6R13X3B0V6REDV5V
age: 31909
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: +AIgOE672EKfbnaV8ASRje8kbnddl3BjcJtoBjL2xiunnm97JVRoWigxENlB49C6syqDVpwX+gQ=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:53:32 GMT
server: AmazonS3
x-timer: S1712079921.755871,VS0,VE0
etag: "23d7bdb7cb6323b108640c8cd00c319d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1105

GET
H2 200 userx.20240401-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 21ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240401-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fcfc84ef54655a991fff82757e3cfac528c20a14698287dec0675b0a0d6486

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ez2Vwoj.GqnKtceODSbeRLSirEDqNxri
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: 32KTM8RBBS5JZR9J
age: 31870
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5539
x-amz-id-2: FSZSRaXWpGrMuqTfbp1QSAA+crNxilwRHxCDfsicnRus/D90Tw3WmMgu2e4n8sIetsKj2/7cA2I=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:54:11 GMT
server: AmazonS3
x-timer: S1712079921.763723,VS0,VE0
etag: "c450e6b3114dad3749013344e7afec78"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8

GET
H2 200 distance-from-article.20240401-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240401-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20c0bf147829a22ab2c9b9a6e4f485bb63fc071ecc19685c00b37bbe4a9cef6f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 37U6KoVM6BxRDA8I0GWkzJJMK6Si6P2A
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: 40VDJ0SSQB6SVWXX
age: 31916
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1523
x-amz-id-2: e8Sp04Oos3k5zS/GtwihJ+j8Uwnh0VdBH6FDeagBIg7b7Gqh0Q67eP97IXdGZcbLNZqcF6gepMQ=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:53:24 GMT
server: AmazonS3
x-timer: S1712079921.764239,VS0,VE0
etag: "2af62363026dedcfaef034e182c820ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1265

GET
H2 200 article-detection.20240401-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 23ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240401-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0c588373d2268b48b094398de24d1c1e9b1e81313e72ab6dbff8346bf097019

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: NG.NA12ReDtyEC.KxeGjGJypV9rFsJMO
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: NA1R93JPGAKB1B8K
age: 31927
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: 89HIWkmWjtN18vSeh1BayJ5LB46FZNlHe34yK3+GbIDDJJvNmJMMBoieZjJ9kjJhJM66ZaWIDg8=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:53:13 GMT
server: AmazonS3
x-timer: S1712079921.764233,VS0,VE0
etag: "d3ef7891f2298cad13f12c1209657e58"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1256

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 21ms
21ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: MG56B0PXBD0FMCMJ
age: 67
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: 2iJjre4CK8lIplv7MmQY+0BeFo67/BzMyBvsztty5koDqz3KcH8mFqlHHZht8cmPMDNCHwFVhCs=
x-served-by: cache-ams21082-AMS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1712079921.768161,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 6
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 17

POST
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 78ms
17ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=15813&tvi50=15661&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1712079920771%7D&tim=19%3A45%3A20.771&id=3173&llvl=2&ri=31e2a1697f733cd3ca8eb5b4afcfb1d9&sd=v2_0611dc4e4190a1a0541b41c1d4ff23dc_c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0_1712079920_1712079920_CIi3jgYQ8-NDGJq6qf_pMSABKAEwoQE4l-oLQJ2XEEjoztoDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0&pi=/&wi=-1709852854480885386&pt=home&vi=1712079920410&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
90 B 68ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=19%3A45%3A20.737&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=2805&cv=20240401-5-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15897

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 77ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=15813&tvi50=15661&lti=deflated&ri=31e2a1697f733cd3ca8eb5b4afcfb1d9&sd=v2_0611dc4e4190a1a0541b41c1d4ff23dc_c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0_1712079920_1712079920_CIi3jgYQ8-NDGJq6qf_pMSABKAEwoQE4l-oLQJ2XEEjoztoDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0&pi=/&wi=-1709852854480885386&pt=home&vi=1712079920410&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=19%3A45%3A20.742&id=7603&llvl=2&cv=20240401-5-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 77ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=15813&tvi50=15661&lti=deflated&ri=31e2a1697f733cd3ca8eb5b4afcfb1d9&sd=v2_0611dc4e4190a1a0541b41c1d4ff23dc_c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0_1712079920_1712079920_CIi3jgYQ8-NDGJq6qf_pMSABKAEwoQE4l-oLQJ2XEEjoztoDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0&pi=/&wi=-1709852854480885386&pt=home&vi=1712079920410&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1712079920749%7D&tim=19%3A45%3A20.749&id=4124&llvl=2&cv=20240401-5-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
90 B 76ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=19%3A45%3A20.760&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=5212&cv=20240401-5-RELEASE&lt=deflated&idx=pc&pc=split-1&st=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15930

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 30 KB
9 KB 305ms
305ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=19%3A45%3A20.781&route=AM:AM:V&tvi2=15813&tvi50=15661&lti=deflated&data=%7B%22id%22%3A261%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_0611dc4e4190a1a0541b41c1d4ff23dc_c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0_1712079920_1712079920_CIi3jgYQ8-NDGJq6qf_pMSABKAEwoQE4l-oLQJ2XEEjoztoDUP___________wFYAGAAaI670Mmdm5iQc3AA%22%2C%22ui%22%3A%22c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1712048081047%2C%22vi%22%3A1712079920410%2C%22cv%22%3A%2220240401-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.86%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A800%2C%22sh%22%3A600%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1113%2C%22dw%22%3A1600%2C%22dh%22%3A2948%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1056.96875%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7258669d60954719ded954c2518b225155fb31738bb2ac378b44d139fc55dc20

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 288
date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
via: 1.1 varnish
x-datadome: protected
cpu: 0.8739583333333334
x-fastly-to-nlb-rtt: 948
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-ams21082-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1712079921.792181,VS0,VS0,VE288
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 0869c279187322c11a0aafb376fde22c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 19ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4eb6c7f2a7aa454348f2686a2e9548d31046be45fab02357fce6da2925f032ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
age: 443468
edge-cache-tag: 294648470964284478845587209305226383948,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294648470964284478845587209305226383948,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 171
expiration: expiry-date="Sun, 31 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://apnews.com/
content-length: 15146
x-served-by: cache-iad-kjyo7100101-IAD, cache-iad-kjyo7100065-IAD, cache-iad-kjyo7100077-IAD, cache-ams21082-AMS
last-modified: Thu, 29 Feb 2024 12:13:04 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=23422,owidth=1067,oheight=600,obytes=1019645,ef=(1,13,17,23,30)
x-timer: S1712079921.801157,VS0,VE1
etag: "65b4b0d8d59042ee3c341845b293530d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1

GET
H2 200 1fd07a160214f8fe334ef561930bfc47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 20ms
20ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe0bc6e11b87847e1d4a25d4316cc5ccb11e87cf779a542dd421f0f325179121

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
age: 2808719
edge-cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 120
expiration: expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jan-magazine.nl/
content-length: 8266
x-served-by: cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100078-IAD, cache-lga21945-LGA, cache-iad-kiad7000123-IAD, cache-ams21082-AMS
last-modified: Tue, 20 Feb 2024 21:11:00 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=16362,owidth=1000,oheight=600,obytes=337911,ef=(1,13,17,23,30)
x-timer: S1712079921.801792,VS0,VE1
etag: "bd705815a3e6168b10df965f5126c740"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 40, 1

GET
H2 200 efbc6ed32187f790232be9f024426731.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 17ms
17ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efbc6ed32187f790232be9f024426731.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c96995aa2471d053bba8a090ead0f5db26f122c8a7afb66d888e298e088ea1ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efbc6ed32187f790232be9f024426731.jpg
age: 2150189
edge-cache-tag: 380844550900137889142765781484096309183,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380844550900137889142765781484096309183,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 216
expiration: expiry-date="Sun, 31 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.iflscience.com/
content-length: 6484
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kjyo7100171-IAD, cache-lga21942-LGA, cache-iad-kjyo7100092-IAD, cache-ams21082-AMS
last-modified: Thu, 29 Feb 2024 11:11:42 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=10923,owidth=1344,oheight=768,obytes=74779,ef=(1,13,17,23,30)
x-timer: S1712079921.801125,VS0,VE0
etag: "4205b5fca837639bfe5a5d718ac8a3dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 92, 4

GET
H2 200 b81fd618622d2a722bb7f56fcb5c0ac1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 23ms
21ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81fd618622d2a722bb7f56fcb5c0ac1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01487e96b12cc31403104866bad3b9aedf7fc87133c20a40cc1ab45c4610952d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81fd618622d2a722bb7f56fcb5c0ac1.jpg
age: 2364172
edge-cache-tag: 400992805495805925265670467159260511564,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 400992805495805925265670467159260511564,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 80
expiration: expiry-date="Sun, 10 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.news18.com/
content-length: 12240
x-served-by: cache-iad-kjyo7100156-IAD, cache-iad-kjyo7100110-IAD, cache-lga21965-LGA, cache-iad-kjyo7100077-IAD, cache-ams21082-AMS
last-modified: Thu, 08 Feb 2024 08:58:58 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=14570,owidth=1600,oheight=900,obytes=112467,ef=(1,13,17,23,30)
x-timer: S1712079921.824839,VS0,VE1
etag: "2e6d2910ea04b8273e8535f9c96c4c00"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 22, 1

GET
H2 200 b67e64dc-0450-48c8-b4d2-4da2be976eba__w7hhqkwG.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 49 KB
50 KB 25ms
22ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b67e64dc-0450-48c8-b4d2-4da2be976eba__w7hhqkwG.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7877f49ee097a894a425781df5e97e312fd1f2f5d4d221c44975b1cf7c6bceaa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 3
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b67e64dc-0450-48c8-b4d2-4da2be976eba__w7hhqkwG.jpg
age: 514352
edge-cache-tag: 324183640151713662023486639439363932090,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324183640151713662023486639439363932090,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 14
expiration: expiry-date="Mon, 15 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.foxtimesnews.com/
content-length: 50177
x-served-by: cache-iad-kiad7000027-IAD, cache-iad-kiad7000106-IAD, cache-lga21971-LGA, cache-iad-kiad7000120-IAD, cache-ams21082-AMS
last-modified: Fri, 15 Mar 2024 20:49:15 GMT
server: nginx
surrogate-reporting: width=740,height=370,bytes=50177,owidth=2000,oheight=1201,obytes=183903,ef=(1,13,17,23,30)
x-timer: S1712079921.824942,VS0,VE3
etag: "4d1d232cc3d2b50e9a187b3361ff3794"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2, 1

GET
H3 200 container.html
b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F90 0
0 25ms
24ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:20 GMT
expires: Wed, 02 Apr 2025 17:45:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5967 0
0 80ms
79ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvvB6Rpd37DLmi9QAg8ksiWU5GPwqqCtlpmYXDzkYwJ-uOq3HWweRJPxC93O5xVFRuK_Sm1FAGPkOgxZDtMuRnRBV1jcfV8RK5sDkfBpxlNE9APwDOzofePQXYG8ERrWz7CghPRp_hAq9sFxky7EcgqOBe42IDCUyF0svGrXziJwxMV1IsdLhuZYfaXEhJdNYZ6IV-jX63CHlK3A1qGJgfOr6l8a0waRSWVkP3Xyc9lPcuzaXPzy_Rw-C2mdjGDJxkinD8Q0lsgLQZTAtjkg_6u52vWU0ZciKT15aE9vPLFXBwoViF6iX-jh4GZaPQhQHtsY9V8nYCIqIA_pRyjgUw-mawyYUJIeysfna-Rc-6ZYGOzPoLTQD9sDN7kfxyUPe0&sig=Cg0ArKJSzDqpAFWUGMfWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240328/r20110914/ Frame 5967 23 KB
9 KB 26ms
24ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240328/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Apr 2024 04:18:23 GMT

GET
H2 200 ultrasurfing.comadpushup.js Show response
jscdn.greeter.me/ Frame 5967 6 KB
3 KB 93ms
29ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a830e0435b36c6bc45c704642950745f667fb12f182b911c0db6b646c4020bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000a20d652332a2d887-00660a8e80-e7235a32-fra1b
age: 2844
x-envoy-upstream-healthchecked-cluster
last-modified: Sun, 04 Feb 2024 09:32:54 GMT
server: cloudflare
etag: W/"1c84c7422a6ee073b3a20ba21134948d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 51d73c26-4e7c-47a9-825f-52ce5b5fb0a0
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 86e2a1d18db79ff3-AMS

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5967 214 KB
65 KB 30ms
28ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

90bb36c4c0d901feb3f32e1c95032cf5521bc5fbe675bc91100e31ee27f93643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66538
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 18:45:14 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6A6E 0
0 75ms
75ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvxE5nKU4PNv9Vn3Xd4MntAjV2mJGzxzc-Nr69_gHp1OKsjePckxuQ8787inIfSnAFRCl_3U1b6ou3B-4FNHmOZPndMS8NOTgtdAeIo6qkX3aXa1mJ5Ywx9a_glfVUP9sCRT1sicE_-k7Y-vssxS_x3Mz98Lh9Zti7u74yhsrFfe9hRYFNOsAOTAmaePTGIDwOhT-8hgxsSHZmCpAOHeprug2fAwouk3e379lJLZBMvBw1z0-fbRnao92z4kHtcs_3EvDrJw1yIS_pKx1PSHmj1SE_cXh-UNimVhxvuyrllNaR7cIBVOj45qnJCCVmaPtcN4Hf84f8BtTb8XTVD1pKxIT4Nej-22D1sxVyXbTrPydhcPkUlRYzZoFuS7CEG4CM&sig=Cg0ArKJSzEFDsGPytBolEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240328/r20110914/ Frame 6A6E 23 KB
9 KB 91ms
91ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240328/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Apr 2024 04:18:23 GMT

GET
H2 200 ultrasurfing.comadpushup.js Show response
jscdn.greeter.me/ Frame 6A6E 6 KB
3 KB 88ms
28ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a830e0435b36c6bc45c704642950745f667fb12f182b911c0db6b646c4020bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000a20d652332a2d887-00660a8e80-e7235a32-fra1b
age: 2844
x-envoy-upstream-healthchecked-cluster
last-modified: Sun, 04 Feb 2024 09:32:54 GMT
server: cloudflare
etag: W/"1c84c7422a6ee073b3a20ba21134948d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 51d73c26-4e7c-47a9-825f-52ce5b5fb0a0
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 86e2a1d18db89ff3-AMS

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6A6E 214 KB
65 KB 37ms
37ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

90bb36c4c0d901feb3f32e1c95032cf5521bc5fbe675bc91100e31ee27f93643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66538
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 18:45:14 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0B5B 0
0 72ms
71ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvkni6lI26Ymw1qhBd0j80zZNY-msx6uQssG8NyxATou3YsFTAO7JnNdMy_Dv2Raeyp47cwazQJm0ZPkK5Fxaya1JaOu0KThqiOpoTq_SOpxewF0GDTGxI320YRKAD-njLxHSP_gC-9c6a4khth2_9AuxZciEg4T2860oSAr8eZxhoLw-UTqRJZ7OI1IgUsShklz-wqQppSOsl0tpI45OjdaPKqD7riz8-yPMH_StkKri-nCgPSc8t1c_NPhP3rAUZacAlwRKeofK882iQnZdbIM72qqV4Z7J6hQRlUDVEjMTDCaYBGZu4RndBr2yLUOyj_RAF4Kr8UBHA0-6JIr9F_H9PrggFOqtVjjLEBySGIjsI-OtP8I39mNcWvoS2DuXE&sig=Cg0ArKJSzHn5AUYAUA95EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ultrasurfing.com
URL: https://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240328/r20110914/ Frame 0B5B 23 KB
9 KB 90ms
90ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240328/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Apr 2024 04:18:23 GMT

GET
H2 200 a1554043.js Show response
js.genieessp.com/t/554/043/ Frame 0B5B 0
159 B 822ms
267ms Script
text/plain 133.186.12.49
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/554/043/a1554043.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.49 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p049.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 0
warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
content-type: text/plain

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0B5B 214 KB
65 KB 44ms
44ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

90bb36c4c0d901feb3f32e1c95032cf5521bc5fbe675bc91100e31ee27f93643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66538
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 18:45:14 GMT

GET
H2 200 4af998f3d7c619deb382efece2a9f7e6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 19ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af998f3d7c619deb382efece2a9f7e6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2919f125df5dc47bd7936d5ec7f32aec7d5a0e6b5f7ae830c0e408d8892e80d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af998f3d7c619deb382efece2a9f7e6.jpg
age: 576211
edge-cache-tag: 384676988948736115277541265216607496345,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384676988948736115277541265216607496345,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 599
req-referer: https://www.news18.com/tech/apple-iphone-15-series-price-in-india-vs-usa-dubai-and-other-countries-check-full-list-8575377.html
content-length: 6152
x-request-id: 745d5d49975999c4da62504d19913c89
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kiad7000025-IAD, cache-lax-kwhp1940113-LAX, cache-iad-kiad7000103-IAD, cache-ams21082-AMS
last-modified: Mon, 18 Mar 2024 16:48:50 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=11668,owidth=1000,oheight=600,obytes=318180,ef=(1,13,17,23,30)
x-timer: S1712079921.844842,VS0,VE1
etag: "35f8cd578839eddaaa06d69ff69a6e87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 8ddae824c2b351ee6c88a8a884cad93f.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_800%2Cx_0%2Cy_527/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 18ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_800%2Cx_0%2Cy_527/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8ddae824c2b351ee6c88a8a884cad93f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3535c4a5bffc13ae18520d4021db2dce63cdcc64e198ce4c8a0d3baa2312ddb2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_800%2Cx_0%2Cy_527/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8ddae824c2b351ee6c88a8a884cad93f.jpg
age: 2946305
edge-cache-tag: 598351709086213135810182488076710513320,571559514550431197385915883524405450025,29ecf9b93bbf306179626feeda1fab70
cache-tag: 598351709086213135810182488076710513320,571559514550431197385915883524405450025,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 84
content-length: 10508
x-request-id: b27956e2d36f1961e64ef70928e5d705
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kcgs7200066-IAD, cache-lga21969-LGA, cache-iad-kjyo7100056-IAD, cache-ams21082-AMS
last-modified: Tue, 13 Feb 2024 21:44:52 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=16827,owidth=800,oheight=1067,obytes=201572,ef=(1,13,17,23,30)
x-timer: S1712079921.850721,VS0,VE1
etag: "39f2fa72a37c7efc33dd01c5f9f7a4c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 51, 1

GET
H2 200 5a15d76ba95167ab24f800921a6c53b8.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_960%2Cx_184%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 38 KB
39 KB 19ms
19ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_960%2Cx_184%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a15d76ba95167ab24f800921a6c53b8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61604f28cc80dd4a34a2cb58e1bd447da291143e23419613e6edf4bb807206b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_960%2Cx_184%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a15d76ba95167ab24f800921a6c53b8.png
age: 98702
edge-cache-tag: 363709287533179663088139634091836185106,475971501583880691538319211019409053864,29ecf9b93bbf306179626feeda1fab70
cache-tag: 363709287533179663088139634091836185106,475971501583880691538319211019409053864,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 931
req-referer: https://tempest.services.disqus.com/
content-length: 38864
x-request-id: d999c3129074d2c96f30b925e5361f77
x-served-by: cache-iad-kjyo7100160-IAD, cache-iad-kjyo7100054-IAD, cache-lga21934-LGA, cache-iad-kiad7000074-IAD, cache-ams21082-AMS
last-modified: Thu, 28 Mar 2024 11:01:36 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=38864,owidth=1200,oheight=800,obytes=2085246,ef=(1,13,17,23,30)
x-timer: S1712079921.852786,VS0,VE1
etag: "3c61de5ddb2a5d51b0be506d4cd669b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 9051e8bb9428f5f5a4da17b1e34cdac8.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_181%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 20ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_181%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9051e8bb9428f5f5a4da17b1e34cdac8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 686e372edbf0cf62df56b24346275f6a35cd2b2cd88f19328d0b965ee94bcf15

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_181%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9051e8bb9428f5f5a4da17b1e34cdac8.png
age: 390263
edge-cache-tag: 403493721134627639680698257064497790937,418637924394471241716561072720194016470,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403493721134627639680698257064497790937,418637924394471241716561072720194016470,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 535
req-referer: https://smallbusiness.chron.com/remove-bookmarks-google-docs-42143.html
content-length: 18220
x-request-id: 4afc59280c5536560d90037605197dc2
x-served-by: cache-iad-kcgs7200131-IAD, cache-iad-kiad7000157-IAD, cache-lga21983-LGA, cache-iad-kcgs7200022-IAD, cache-ams21082-AMS
last-modified: Thu, 21 Mar 2024 14:12:37 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=28186,owidth=1000,oheight=600,obytes=1140961,ef=(1,13,17,23,30)
x-timer: S1712079921.864011,VS0,VE1
etag: "16ae8fd5ee53d692049848d95b493cb5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 da44c7f0534d5e7fa9613b054085745d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 19ms
19ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9b145700ad5d17ebabe662bb5e22e34eab0abd86e2b7f59a483d7be0db3a5ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
age: 499437
edge-cache-tag: 294763532160413351551879794594549042271,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294763532160413351551879794594549042271,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 128
expiration: expiry-date="Sun, 21 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 27569
x-served-by: cache-iad-kiad7000175-IAD, cache-iad-kiad7000088-IAD, cache-iad-kcgs7200089-IAD, cache-ams21082-AMS
last-modified: Thu, 21 Mar 2024 15:48:06 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=27569,owidth=1200,oheight=630,obytes=1084945,ef=(1,13,17,23,30)
x-timer: S1712079921.864223,VS0,VE1
etag: "68ee205f7ba1f6ced8293fe95564adf6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1

GET
H2 200 0869c279187322c11a0aafb376fde22c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 17ms
17ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4eb6c7f2a7aa454348f2686a2e9548d31046be45fab02357fce6da2925f032ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
age: 443468
edge-cache-tag: 294648470964284478845587209305226383948,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294648470964284478845587209305226383948,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 171
expiration: expiry-date="Sun, 31 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://apnews.com/
content-length: 15146
x-served-by: cache-iad-kjyo7100101-IAD, cache-iad-kjyo7100065-IAD, cache-iad-kjyo7100077-IAD, cache-ams21082-AMS
last-modified: Thu, 29 Feb 2024 12:13:04 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=23422,owidth=1067,oheight=600,obytes=1019645,ef=(1,13,17,23,30)
x-timer: S1712079921.853024,VS0,VE0
etag: "65b4b0d8d59042ee3c341845b293530d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe0bc6e11b87847e1d4a25d4316cc5ccb11e87cf779a542dd421f0f325179121

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fd07a160214f8fe334ef561930bfc47.jpg
age: 2808719
edge-cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 440165295403068779039741028364839796753,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 120
expiration: expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jan-magazine.nl/
content-length: 8266
x-served-by: cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100078-IAD, cache-lga21945-LGA, cache-iad-kiad7000123-IAD, cache-ams21082-AMS
last-modified: Tue, 20 Feb 2024 21:11:00 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=16362,owidth=1000,oheight=600,obytes=337911,ef=(1,13,17,23,30)
x-timer: S1712079921.853221,VS0,VE0
etag: "bd705815a3e6168b10df965f5126c740"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 40, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efbc6ed32187f790232be9f024426731.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c96995aa2471d053bba8a090ead0f5db26f122c8a7afb66d888e298e088ea1ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efbc6ed32187f790232be9f024426731.jpg
age: 2150189
edge-cache-tag: 380844550900137889142765781484096309183,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380844550900137889142765781484096309183,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 216
expiration: expiry-date="Sun, 31 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.iflscience.com/
content-length: 6484
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kjyo7100171-IAD, cache-lga21942-LGA, cache-iad-kjyo7100092-IAD, cache-ams21082-AMS
last-modified: Thu, 29 Feb 2024 11:11:42 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=10923,owidth=1344,oheight=768,obytes=74779,ef=(1,13,17,23,30)
x-timer: S1712079921.875334,VS0,VE0
etag: "4205b5fca837639bfe5a5d718ac8a3dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 92, 5

GET
H2 200 next-up-widget.20240401-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 21ms
17ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20240401-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b7b36a195b3969b0a9dfddf9ec1c4d45e634cb19321887e2beb5a03bd865001

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DDPDnhs_WsA0D6hCgWIoG2Z1EVok2v5Z
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:20 GMT
x-amz-request-id: ZZFDZ432SG8577A1
age: 31896
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4671
x-amz-id-2: qKQvhPldODRazdl7G6B0T6Kj+h3160vXPT6sD0BG55x/u7am2c8HVJJcUmGS6hDfWlh7QnHRydU=
x-served-by: cache-ams21082-AMS
last-modified: Tue, 02 Apr 2024 08:53:45 GMT
server: AmazonS3
x-timer: S1712079921.864010,VS0,VE0
etag: "97d9fa53be988e6a0c60e89b708314c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81fd618622d2a722bb7f56fcb5c0ac1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01487e96b12cc31403104866bad3b9aedf7fc87133c20a40cc1ab45c4610952d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b81fd618622d2a722bb7f56fcb5c0ac1.jpg
age: 2364172
edge-cache-tag: 400992805495805925265670467159260511564,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 400992805495805925265670467159260511564,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 80
expiration: expiry-date="Sun, 10 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.news18.com/
content-length: 12240
x-served-by: cache-iad-kjyo7100156-IAD, cache-iad-kjyo7100110-IAD, cache-lga21965-LGA, cache-iad-kjyo7100077-IAD, cache-ams21082-AMS
last-modified: Thu, 08 Feb 2024 08:58:58 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=14570,owidth=1600,oheight=900,obytes=112467,ef=(1,13,17,23,30)
x-timer: S1712079921.875258,VS0,VE0
etag: "2e6d2910ea04b8273e8535f9c96c4c00"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 22, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b67e64dc-0450-48c8-b4d2-4da2be976eba__w7hhqkwG.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7877f49ee097a894a425781df5e97e312fd1f2f5d4d221c44975b1cf7c6bceaa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/b67e64dc-0450-48c8-b4d2-4da2be976eba__w7hhqkwG.jpg
age: 514352
edge-cache-tag: 324183640151713662023486639439363932090,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324183640151713662023486639439363932090,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 14
expiration: expiry-date="Mon, 15 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.foxtimesnews.com/
content-length: 50177
x-served-by: cache-iad-kiad7000027-IAD, cache-iad-kiad7000106-IAD, cache-lga21971-LGA, cache-iad-kiad7000120-IAD, cache-ams21082-AMS
last-modified: Fri, 15 Mar 2024 20:49:15 GMT
server: nginx
surrogate-reporting: width=740,height=370,bytes=50177,owidth=2000,oheight=1201,obytes=183903,ef=(1,13,17,23,30)
x-timer: S1712079921.875471,VS0,VE0
etag: "4d1d232cc3d2b50e9a187b3361ff3794"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2, 2

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 21ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&tvi2=15813&tvi50=15661&lti=deflated&ri=31e2a1697f733cd3ca8eb5b4afcfb1d9&sd=v2_0611dc4e4190a1a0541b41c1d4ff23dc_c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0_1712079920_1712079920_CIi3jgYQ8-NDGJq6qf_pMSABKAEwoQE4l-oLQJ2XEEjoztoDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0&pi=/&wi=-1709852854480885386&pt=home&vi=1712079920410&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22296.96875%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A45%3A20.872&id=3332&llvl=2&cv=20240401-5-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af998f3d7c619deb382efece2a9f7e6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2919f125df5dc47bd7936d5ec7f32aec7d5a0e6b5f7ae830c0e408d8892e80d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af998f3d7c619deb382efece2a9f7e6.jpg
age: 576211
edge-cache-tag: 384676988948736115277541265216607496345,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384676988948736115277541265216607496345,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 599
req-referer: https://www.news18.com/tech/apple-iphone-15-series-price-in-india-vs-usa-dubai-and-other-countries-check-full-list-8575377.html
content-length: 6152
x-request-id: 745d5d49975999c4da62504d19913c89
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kiad7000025-IAD, cache-lax-kwhp1940113-LAX, cache-iad-kiad7000103-IAD, cache-ams21082-AMS
last-modified: Mon, 18 Mar 2024 16:48:50 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=11668,owidth=1000,oheight=600,obytes=318180,ef=(1,13,17,23,30)
x-timer: S1712079921.892866,VS0,VE0
etag: "35f8cd578839eddaaa06d69ff69a6e87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_800%2Cx_0%2Cy_527/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8ddae824c2b351ee6c88a8a884cad93f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3535c4a5bffc13ae18520d4021db2dce63cdcc64e198ce4c8a0d3baa2312ddb2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_800%2Cx_0%2Cy_527/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8ddae824c2b351ee6c88a8a884cad93f.jpg
age: 2946305
edge-cache-tag: 598351709086213135810182488076710513320,571559514550431197385915883524405450025,29ecf9b93bbf306179626feeda1fab70
cache-tag: 598351709086213135810182488076710513320,571559514550431197385915883524405450025,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 84
content-length: 10508
x-request-id: b27956e2d36f1961e64ef70928e5d705
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kcgs7200066-IAD, cache-lga21969-LGA, cache-iad-kjyo7100056-IAD, cache-ams21082-AMS
last-modified: Tue, 13 Feb 2024 21:44:52 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=16827,owidth=800,oheight=1067,obytes=201572,ef=(1,13,17,23,30)
x-timer: S1712079921.892843,VS0,VE0
etag: "39f2fa72a37c7efc33dd01c5f9f7a4c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 51, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_960%2Cx_184%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a15d76ba95167ab24f800921a6c53b8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61604f28cc80dd4a34a2cb58e1bd447da291143e23419613e6edf4bb807206b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_960%2Cx_184%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a15d76ba95167ab24f800921a6c53b8.png
age: 98702
edge-cache-tag: 363709287533179663088139634091836185106,475971501583880691538319211019409053864,29ecf9b93bbf306179626feeda1fab70
cache-tag: 363709287533179663088139634091836185106,475971501583880691538319211019409053864,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 931
req-referer: https://tempest.services.disqus.com/
content-length: 38864
x-request-id: d999c3129074d2c96f30b925e5361f77
x-served-by: cache-iad-kjyo7100160-IAD, cache-iad-kjyo7100054-IAD, cache-lga21934-LGA, cache-iad-kiad7000074-IAD, cache-ams21082-AMS
last-modified: Thu, 28 Mar 2024 11:01:36 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=38864,owidth=1200,oheight=800,obytes=2085246,ef=(1,13,17,23,30)
x-timer: S1712079921.900968,VS0,VE0
etag: "3c61de5ddb2a5d51b0be506d4cd669b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_181%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9051e8bb9428f5f5a4da17b1e34cdac8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 686e372edbf0cf62df56b24346275f6a35cd2b2cd88f19328d0b965ee94bcf15

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_181%2Cy_0/c_fill%2Cw_360%2Ch_300/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9051e8bb9428f5f5a4da17b1e34cdac8.png
age: 390263
edge-cache-tag: 403493721134627639680698257064497790937,418637924394471241716561072720194016470,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403493721134627639680698257064497790937,418637924394471241716561072720194016470,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 535
req-referer: https://smallbusiness.chron.com/remove-bookmarks-google-docs-42143.html
content-length: 18220
x-request-id: 4afc59280c5536560d90037605197dc2
x-served-by: cache-iad-kcgs7200131-IAD, cache-iad-kiad7000157-IAD, cache-lga21983-LGA, cache-iad-kcgs7200022-IAD, cache-ams21082-AMS
last-modified: Thu, 21 Mar 2024 14:12:37 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=28186,owidth=1000,oheight=600,obytes=1140961,ef=(1,13,17,23,30)
x-timer: S1712079921.901377,VS0,VE0
etag: "16ae8fd5ee53d692049848d95b493cb5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9b145700ad5d17ebabe662bb5e22e34eab0abd86e2b7f59a483d7be0db3a5ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/da44c7f0534d5e7fa9613b054085745d.png
age: 499437
edge-cache-tag: 294763532160413351551879794594549042271,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294763532160413351551879794594549042271,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 128
expiration: expiry-date="Sun, 21 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 27569
x-served-by: cache-iad-kiad7000175-IAD, cache-iad-kiad7000088-IAD, cache-iad-kcgs7200089-IAD, cache-ams21082-AMS
last-modified: Thu, 21 Mar 2024 15:48:06 GMT
server: nginx
surrogate-reporting: width=360,height=300,bytes=27569,owidth=1200,oheight=630,obytes=1084945,ef=(1,13,17,23,30)
x-timer: S1712079921.901309,VS0,VE0
etag: "68ee205f7ba1f6ced8293fe95564adf6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5967 0
0 55ms
55ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5967 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ccb175aa6e7697d3b5af751d08d8f13901853313945ae97c7345f50e1e6533f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A6E 0
0 54ms
54ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6A6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b33fa946a38e60349980c5e9e0bd3c575c508b0a4cc84e225dc470c1a76167e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0869c279187322c11a0aafb376fde22c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 19ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71626abcd474cd1ab25aa26ce0080cf646ba532a082d16dcbe8b3511641bba1b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
age: 436717
edge-cache-tag: 294648470964284478845587209305226383948,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294648470964284478845587209305226383948,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 169
expiration: expiry-date="Sun, 07 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.livedoor.com/
content-length: 6732
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kcgs7200108-IAD, cache-lga21983-LGA, cache-iad-kiad7000119-IAD, cache-ams21082-AMS
last-modified: Thu, 07 Mar 2024 10:39:19 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=12998,owidth=1067,oheight=600,obytes=1019645,ef=(1,13,17,23,30)
x-timer: S1712079921.948599,VS0,VE1
etag: "1a6ae7728a34a190a32f27a62610a5a4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475577/ Frame 6A6E 2 KB
1008 B 105ms
18ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475577/hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a39b39996eac9f310a281345d603ba8b078f61442393110910a38a16e105f094

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 14:42:12 GMT
server: nginx
etag: W/"660581c4-605"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6A6E 90 KB
29 KB 66ms
65ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

24deb8c2391451cdf3a4663d0359e0142fd1f3602d195da17f15279fcc6c3ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29187
x-xss-protection: 0
server: cafe
etag: 689 / 19815 / m202403270101 / config-hash: 13597004551339020200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 wrapper_hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475577/ Frame 6A6E 2 KB
1 KB 102ms
16ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475577/wrapper_hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 40c6f803da5b5eaea1bcecca442170ee74786c40a87b5a5ea59ec22427edcd1b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 14:42:12 GMT
server: nginx
etag: W/"660581c4-9fc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6A6E 90 KB
29 KB 124ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e9c637b253230955809039eeba7142917296f316ef3413c152eb571611be56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29190
x-xss-protection: 0
server: cafe
etag: 788 / 19815 / 31082317 / config-hash: 13597004551339020200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:45:21 GMT

GET
H2 200 hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475577/ Frame 5967 2 KB
1008 B 104ms
17ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475577/hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a39b39996eac9f310a281345d603ba8b078f61442393110910a38a16e105f094

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 14:42:12 GMT
server: nginx
etag: W/"660581c4-605"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5967 90 KB
29 KB 67ms
66ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e0a9c30bcf30079668c1566444772bd4d12e78dab6aa08548472d65d7990077d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29187
x-xss-protection: 0
server: cafe
etag: 838 / 19815 / m202403270101 / config-hash: 13597004551339020200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:45:20 GMT

GET
H2 200 wrapper_hb_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/475577/ Frame 5967 2 KB
1 KB 103ms
17ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/475577/wrapper_hb_755983_19102.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 40c6f803da5b5eaea1bcecca442170ee74786c40a87b5a5ea59ec22427edcd1b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 14:42:12 GMT
server: nginx
etag: W/"660581c4-9fc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5967 90 KB
29 KB 128ms
70ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ultrasurfing.comadpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2060f51d78e71f3b5bebb6e271ff92c687e297cff1b60fb4a7375b25e3ef4fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29258
x-xss-protection: 0
server: cafe
etag: 867 / 19815 / m202403270101 / config-hash: 224697346232904910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:45:21 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71626abcd474cd1ab25aa26ce0080cf646ba532a082d16dcbe8b3511641bba1b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:20 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0869c279187322c11a0aafb376fde22c.png
age: 436717
edge-cache-tag: 294648470964284478845587209305226383948,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294648470964284478845587209305226383948,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 169
expiration: expiry-date="Sun, 07 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.livedoor.com/
content-length: 6732
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kcgs7200108-IAD, cache-lga21983-LGA, cache-iad-kiad7000119-IAD, cache-ams21082-AMS
last-modified: Thu, 07 Mar 2024 10:39:19 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=12998,owidth=1067,oheight=600,obytes=1019645,ef=(1,13,17,23,30)
x-timer: S1712079921.979427,VS0,VE0
etag: "1a6ae7728a34a190a32f27a62610a5a4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/ Frame 6A6E 441 KB
138 KB 24ms
24ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ccf37446ea1ee83a3fce3f04bd63d69bb12d619e8e4c359540df4b94638daf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5544
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141434
x-xss-protection: 0
server: cafe
etag: 5731712271330627757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 02 Apr 2025 16:12:57 GMT

GET
H2 200 main_00002.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 136 KB
137 KB 18ms
18ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00002.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488D) /
Resource Hash: 792223dfab766d23d8600984dbb409ecd9a14b685fc49d61b6b110f46a28dc46

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: v5MAkKHFpFki+i3geCMfPQ==
age: 11515
x-cache: HIT
x-client-device: desktop
content-length: 139496
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:23:47 GMT
server: ECAcc (ama/488D)
etag: 0x8DB25588202B9DE
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: 4935f9cc-b01e-0009-330a-851c90000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/ Frame 5967 441 KB
138 KB 27ms
27ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ccf37446ea1ee83a3fce3f04bd63d69bb12d619e8e4c359540df4b94638daf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 16:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5544
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141434
x-xss-protection: 0
server: cafe
etag: 5731712271330627757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 02 Apr 2025 16:12:57 GMT

GET
H2 200 hbw_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/O6wro/ Frame 6A6E 128 KB
42 KB 23ms
23ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475577/wrapper_hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4a5bf872f5fdda6aa8e58482b68e6f86380023b54d5365afd0ba3ab4b539fc11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 14:42:12 GMT
server: nginx
etag: W/"660581c4-1fe97"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H2 200 hbw_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/O6wro/ Frame 5967 128 KB
42 KB 43ms
43ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475577/wrapper_hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4a5bf872f5fdda6aa8e58482b68e6f86380023b54d5365afd0ba3ab4b539fc11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 14:42:12 GMT
server: nginx
etag: W/"660581c4-1fe97"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H2 200 hbp_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 5967 301 KB
96 KB 52ms
51ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475577/hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 10:37:17 GMT
server: nginx
etag: W/"65c35d5d-4b3bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H2 200 hbp_master_755983_19102.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 6A6E 301 KB
96 KB 52ms
52ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/475577/hb_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 10:37:17 GMT
server: nginx
etag: W/"65c35d5d-4b3bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 02 Apr 2024 18:45:21 GMT

GET
H2 200 main_00003.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 242 KB
242 KB 20ms
19ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00003.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AD) /
Resource Hash: 7d9103ea1caca69d25df079a4e2bb0e7d28e65ace41696aae5657771875e73c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: CLA7N/9Jpn5OwHus0NiA2Q==
age: 11512
x-cache: HIT
x-client-device: desktop
content-length: 247408
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:33:01 GMT
server: ECAcc (ama/48AD)
etag: 0x8DB2559CC43C717
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: 7c1fff9c-901e-0031-3c0a-85b850000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

POST
H2 204 pubs-generic
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
246 B 16ms
16ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/pubs-generic?route=AM:AM:V&tvi2=15813&tvi50=15661&lti=deflated&d=%7B%22data%22%3A%22%7B%7D%22%2C%22type%22%3A%22recReel-available%22%2C%22eventTime%22%3A1712079921122%7D&tim=19%3A45%3A21.122&id=8409&llvl=2&ri=bfb19967ad4f991d1fd77aff4abaf177&sd=v2_0611dc4e4190a1a0541b41c1d4ff23dc_c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0_1712079920_1712079920_CIi3jgYQ8-NDGJq6qf_pMSABKAEwoQE4l-oLQJ2XEEjoztoDUP___________wFYAGAAaI670Mmdm5iQc3AA&ui=c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0&pi=/&wi=-1709852854480885386&pt=home&vi=1712079920410&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://ultrasurfing.com
pragma: no-cache
date: Tue, 02 Apr 2024 17:45:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 057581c87670dd306da4c49c24079e11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 19ms
19ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fab174f5f557a25dc9a4d9f5364b533b2d318315499624e8eeaa6a6df923c7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
age: 1640051
edge-cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 197
expiration: expiry-date="Wed, 27 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 16376
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kiad7000152-IAD, cache-iad-kcgs7200050-IAD, cache-ams21082-AMS
last-modified: Sun, 25 Feb 2024 01:08:44 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=56874,owidth=1200,oheight=800,obytes=502835,ef=(1,13,17,23,30)
x-timer: S1712079921.136165,VS0,VE1
etag: "c0226d5ae26611b528f0f10bba2b1f97"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 20, 1

GET
H2 200 3ed8088ac604c1ee665d4fed16fee470.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 19ms
19ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ed8088ac604c1ee665d4fed16fee470.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f39dfa0cc3f91f4f69318a68d1ce30e2ebf836d591b49878ca896c6011574a51

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ed8088ac604c1ee665d4fed16fee470.jpg
age: 1224301
edge-cache-tag: 432897817441437210657959390875383103327,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 432897817441437210657959390875383103327,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 71
expiration: expiry-date="Sat, 23 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://weather.com/
content-length: 28739
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kiad7000062-IAD, cache-iad-kiad7000082-IAD, cache-ams21082-AMS
last-modified: Wed, 21 Feb 2024 04:13:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=28739,owidth=1500,oheight=844,obytes=264382,ef=(1,13,17,23,30)
x-timer: S1712079921.136558,VS0,VE1
etag: "5a22ae43c2382718ed2d1ebc48822fa5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1

GET
H2 200 fa2bcf53a2b9a513d6e88fbff4feb7ea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 20ms
20ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa2bcf53a2b9a513d6e88fbff4feb7ea.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ea13a2f0a0d20d4296a059e3a2cd946c3d627ee8c88dfa897d3c8c2f143de8b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa2bcf53a2b9a513d6e88fbff4feb7ea.jpg
age: 2523506
edge-cache-tag: 505714995433927598412080155905361561144,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 505714995433927598412080155905361561144,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 355
req-referer: https://thecelticblog.com/2024/03/articles-and-features/deranged-record-hacks-launches-another-unhinged-incoherent-attack-on-celtic/
content-length: 5486
x-request-id: caa1a1ed46285a668f2e4b45ab3185ff
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kiad7000038-IAD, cache-lga21978-LGA, cache-iad-kjyo7100021-IAD, cache-ams21082-AMS
last-modified: Wed, 28 Feb 2024 15:47:37 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=8492,owidth=1000,oheight=600,obytes=22563,ef=(1,13,17,23,30)
x-timer: S1712079921.137028,VS0,VE1
etag: "86624f0b75170befc9759c5d5f7d117e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 63, 1

GET
H2 200 c5dbff36383f1689985bc66b6e47efad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 20ms
20ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 21dc050ef5ce7ac6168e411225d34d0bcbf1f7af91ad1580678c499d337dbc0e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
age: 5437357
edge-cache-tag: 322225708252158650412406976584958651105,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322225708252158650412406976584958651105,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 172
expiration: expiry-date="Mon, 01 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.solaranlage-ratgeber.de/solarthermie/solarthermie-funktionen/kombination-mit-anderer-heiztechniken/pelletheizung-mit-solarthermie
content-length: 23846
x-served-by: cache-iad-kcgs7200098-IAD, cache-iad-kiad7000081-IAD, cache-lga21947-LGA, cache-iad-kjyo7100057-IAD, cache-ams21082-AMS
last-modified: Fri, 01 Dec 2023 17:13:02 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=57772,owidth=1200,oheight=800,obytes=592354
x-timer: S1712079921.137022,VS0,VE1
etag: "a3516f231242a05e986c51fac1e06c8d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 9, 1, 8, 1

GET
H2 200 e8ad088c864fe936a711ebeb9dbe24bd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 22ms
22ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8ad088c864fe936a711ebeb9dbe24bd.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d0b7f42876baf188f84ecb69cbecdf5f336350062970aebba9edf1d5a579fbf2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8ad088c864fe936a711ebeb9dbe24bd.jpg
age: 1579428
edge-cache-tag: 485350819298367869766646027152913664482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 485350819298367869766646027152913664482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 4
req-referer: https://www.lefigaro.fr/conjoncture/le-retour-en-grace-de-la-chicoree-cette-boisson-chti-qui-pourrait-vous-faire-abandonner-le-cafe-20240301
content-length: 11467
x-request-id: d6bea43556c5975f9043a7db8c48864f
x-served-by: cache-iad-kjyo7100117-IAD, cache-iad-kcgs7200118-IAD, cache-lax-kwhp1940029-LAX, cache-iad-kiad7000167-IAD, cache-ams21082-AMS
last-modified: Fri, 15 Mar 2024 06:55:09 GMT
server: nginx
surrogate-reporting: width=626,height=347,bytes=11467,owidth=626,oheight=418,obytes=25204,ef=(1,13,17,23,30)
x-timer: S1712079921.137609,VS0,VE2
etag: "57821ac5b0b5ad3e7e219e120deb0d22"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 5f9c66ae00f66cb7f6bba8135e9fdeaa.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 22ms
22ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f9c66ae00f66cb7f6bba8135e9fdeaa.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ee3ed6ffcda00dd5267c80cac29a17218e1629a751b15e47a4b6067c7e0f45c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f9c66ae00f66cb7f6bba8135e9fdeaa.jpeg
age: 1598459
edge-cache-tag: 594069845631588275428533713043433250460,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 594069845631588275428533713043433250460,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 69
req-referer: https://www.tichyseinblick.de/feuilleton/genderverbot-in-bayern/
content-length: 17863
x-request-id: f66c5522fd7fdfa4568e08d656a7d3dd
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kiad7000050-IAD, cache-iad-kjyo7100102-IAD, cache-ams21082-AMS
last-modified: Thu, 14 Mar 2024 12:07:37 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=17863,owidth=750,oheight=725,obytes=88493,ef=(1,13,17,23,30)
x-timer: S1712079921.138240,VS0,VE1
etag: "3038afd9a0d4c0b9f37558e2ac349703"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 9, 1

GET
H2 200 e91fd28d107f7d3dc27b66dd328ad54c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 18ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e91fd28d107f7d3dc27b66dd328ad54c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39eb063d4cd122800b6954afc22997ca48df3a5ea076817f5c5c4431b6d27718

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e91fd28d107f7d3dc27b66dd328ad54c.jpg
age: 2457270
edge-cache-tag: 418128979810837127385843034543628608558,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 418128979810837127385843034543628608558,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 204
expiration: expiry-date="Thu, 07 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 15126
x-served-by: cache-iad-kiad7000108-IAD, cache-iad-kiad7000108-IAD, cache-lax-kwhp1940109-LAX, cache-iad-kjyo7100041-IAD, cache-ams21082-AMS
last-modified: Mon, 05 Feb 2024 13:42:48 GMT
server: nginx
surrogate-reporting: width=740,height=370,bytes=24328,owidth=2122,oheight=1412,obytes=1139381,ef=(1,13,17,23,30)
x-timer: S1712079921.155968,VS0,VE1
etag: "e1b247a66656207baf5ee2740b6da197"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 41, 1

GET
H2 200 9b62d8d7-8ed1-493d-9c23-38720a6f2472__trPkbbve.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1097%2Cx_195%2Cy_71/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUS... 26 KB
27 KB 20ms
19ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1097%2Cx_195%2Cy_71/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/9b62d8d7-8ed1-493d-9c23-38720a6f2472__trPkbbve.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39d5ad5436e94b42cc6d86048c4d3886a334d53c07f9967b7126d656339eccaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1097%2Cx_195%2Cy_71/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/9b62d8d7-8ed1-493d-9c23-38720a6f2472__trPkbbve.jpg
age: 1135998
edge-cache-tag: 308942692549534724420964021945790198386,585774878295608691560766655576497023649,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308942692549534724420964021945790198386,585774878295608691560766655576497023649,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 17
req-referer: https://acdn.adnxs-simple.com/
content-length: 26840
x-request-id: 2d30fe6eb3b39fbc75129aee88268d0b
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kjyo7100155-IAD, cache-lga21958-LGA, cache-iad-kiad7000158-IAD, cache-ams21082-AMS
last-modified: Wed, 20 Mar 2024 10:52:08 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=26840,owidth=1333,oheight=750,obytes=422898,ef=(1,13,17,23,30)
x-timer: S1712079921.157942,VS0,VE1
etag: "2f48fc8c49f02b32ffc488794ab790c8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 9, 1

GET
H2 200 5a801619e7339e2a69cb464e79e42e1b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 19ms
19ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a801619e7339e2a69cb464e79e42e1b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b2eab8c6e0f378c6d9adbc9670e53af207a4cb16be5dadfc1728af63ee343d6b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a801619e7339e2a69cb464e79e42e1b.jpg
age: 2964578
edge-cache-tag: 465306152238160303457593695708019161899,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 465306152238160303457593695708019161899,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 56
req-referer: https://d-434668595289283535.ampproject.net/
content-length: 10526
x-request-id: f12fd4182d67fb163d8060037b5534eb
x-served-by: cache-iad-kiad7000038-IAD, cache-iad-kjyo7100033-IAD, cache-lga21945-LGA, cache-iad-kiad7000116-IAD, cache-ams21082-AMS
last-modified: Mon, 26 Feb 2024 12:07:51 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=26150,owidth=1536,oheight=1024,obytes=163143,ef=(1,13,17,23,30)
x-timer: S1712079921.157926,VS0,VE1
etag: "33e15b83a401db0b9468a683caa4d104"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 9038, 1

GET
H2 200 39f3ade6bd046aedf2797080177b5ccb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
88 KB 22ms
22ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39f3ade6bd046aedf2797080177b5ccb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a1199fb31d9eb51d799feafa3e85ad79e1f84332a8275b013d9f1323c307199

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39f3ade6bd046aedf2797080177b5ccb.jpg
age: 2880259
edge-cache-tag: 416559524222413505125816017703421993983,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 416559524222413505125816017703421993983,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 294
expiration: expiry-date="Mon, 25 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://bravewords.com/news/do-the-users-take-the-tiktok-content-seriously
content-length: 88796
x-served-by: cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200178-IAD, cache-lax-kwhp1940062-LAX, cache-iad-kcgs7200080-IAD, cache-ams21082-AMS
last-modified: Fri, 23 Feb 2024 09:09:16 GMT
server: nginx
surrogate-reporting: width=1000,height=500,bytes=167205,owidth=1000,oheight=600,obytes=197211,ef=(1,13,17,23,30)
x-timer: S1712079921.160575,VS0,VE2
etag: "abae657dc197a02b4321e2a6fa43d2c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 43, 1, 0, 1

GET
H2 200 213e253f2ac4d93348425fba8302d34d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 64 KB
65 KB 22ms
21ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/213e253f2ac4d93348425fba8302d34d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a347a273154ab74858bf90d5700e06b431498653da3902896fc7ad7e42fb22fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 2
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/213e253f2ac4d93348425fba8302d34d.png
age: 473503
edge-cache-tag: 605692396524399103138229600204090857597,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605692396524399103138229600204090857597,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 109
expiration: expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://stylesandeals.com/
content-length: 65391
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kcgs7200141-IAD, cache-lax-kwhp1940048-LAX, cache-iad-kiad7000144-IAD, cache-ams21082-AMS
last-modified: Tue, 27 Feb 2024 15:30:50 GMT
server: nginx
surrogate-reporting: width=740,height=412,bytes=65391,owidth=1920,oheight=1440,obytes=4425704,ef=(1,13,17,23,30)
x-timer: S1712079921.160539,VS0,VE2
etag: "e758368ce38de5786426ab57a30d6162"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 6, 1

GET
H2 200 e3db4e6a2b0856eed8aa958deba38e40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 19ms
19ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 667638a38b57298a015cb48616f479cf3e122f18e96bc9cd81d1467b3152769c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
age: 3394466
edge-cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 147
expiration: expiry-date="Thu, 07 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.franceguyane.fr/
content-length: 16432
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200071-IAD, cache-ewr18179-EWR, cache-iad-kiad7000176-IAD, cache-ams21082-AMS
last-modified: Mon, 05 Feb 2024 11:41:59 GMT
server: nginx
surrogate-reporting: width=1344,height=746,bytes=64332,owidth=1344,oheight=768,obytes=70735,ef=(1,13,17,23,30)
x-timer: S1712079921.160934,VS0,VE0
etag: "b209a07dce03cc550512484c23d5529d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1766, 11

GET
H2 200 683a5116026f5577e2d9fe8aeb9c4659.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 18ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/683a5116026f5577e2d9fe8aeb9c4659.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: be7d7f91d35c596c975c8d19c8bd0e1e5208491225aa332362c3b0abea9c01a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/683a5116026f5577e2d9fe8aeb9c4659.jpeg
age: 2277428
edge-cache-tag: 459729608773163097971268169444939181805,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 459729608773163097971268169444939181805,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 212
expiration: expiry-date="Sat, 16 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://iranianuk.com/
content-length: 12574
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kjyo7100127-IAD, cache-iad-kcgs7200062-IAD, cache-ams21082-AMS
last-modified: Wed, 14 Feb 2024 15:49:45 GMT
server: nginx
surrogate-reporting: width=600,height=333,bytes=18512,owidth=600,oheight=400,obytes=27144,ef=(1,13,17,23,30)
x-timer: S1712079921.174749,VS0,VE1
etag: "4f4a33997ebb384ec2cd8e4aeef078ce"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 9, 1

GET
H2 200 98d4a035fe862df785d93baebf17dd3f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 49 KB
50 KB 17ms
17ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1dae73580dd1bdcda70c51b86962fdc95f502c58bbdae06984df2ee07df5f351

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
age: 5193035
edge-cache-tag: 544211193292261258242371404021740651035,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544211193292261258242371404021740651035,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 202
req-referer: https://cdn.taboola.com/
content-length: 50662
x-request-id: bfee6733178427f54786ad9f73896458
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kiad7000066-IAD, cache-lga21942-LGA, cache-iad-kcgs7200045-IAD, cache-ams21082-AMS
last-modified: Thu, 01 Feb 2024 21:45:01 GMT
server: nginx
surrogate-reporting: width=1280,height=711,bytes=132793,owidth=1280,oheight=768,obytes=492551,ef=(1,13,17,23,30)
x-timer: S1712079921.178455,VS0,VE0
etag: "b287c506ea25d931bece6e7c90a956d9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 374, 2

GET
H2 200 st
imprammp.taboola.com/ Frame BAD9 0
0 61ms
20ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&cmcv=&pix=undefined&cb=1712079921149&uv=3391&tms=1712079921149&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!aniviewInteg2-in_vA!aniviewInteg2_vA!mprdct01val_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9209a353-922b-46eb-9bda-745b491252c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.8/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 02 Apr 2024 17:45:21 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-ams21059-AMS
x-timer: S1712079921.203258,VS0,VE3

GET
H2 200 sync
am-match.taboola.com/ Frame BCA1 0
0 76ms
20ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.8/UnitFeedManagerMobile.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 02 Apr 2024 17:45:21 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 32ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&cmcv=&pix=31589837&cb=1712079921149&uv=3391&tms=1712079921149&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!aniviewInteg2-in_vA!aniviewInteg2_vA!mprdct01val_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1712079918544.8!ts:1712079921149&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK / Show response
sghb.aplhb.adipolo.com/geo/ Frame 6A6E 169 B
438 B 120ms
26ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: d9ffff591407444da88adf6bdbd46fb28d042dc14ea45714651bb9c9f9ae190c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:45:21 GMT
Server: fasthttp
Content-Type: application/json
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 169

GET
H/1.1 200
OK tracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame 6A6E 43 B
432 B 119ms
25ms XHR
image/gif 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=755983&site_id=19102&full_page_url=https%3A%2F%2Fultrasurfing.com&adid=io6hux.2y&features=81952&vpbv=m2312&tte=212&lifecycle_tte=345
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:45:21 GMT
Server: fasthttp
Content-Type: image/gif
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H/1.1 200
OK avTaboolaWrapper.js Show response
player.aniview.com/script/custom/taboola/wrapper/ 19 KB
6 KB 105ms
25ms Script
application/javascript 2a02:26f0:3500:2b::17cf:d25a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/custom/taboola/wrapper/avTaboolaWrapper.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.8.8/UnitFeedManagerMobile.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2b::17cf:d25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dc38d07ed2c0cf6079799000c1d629bc0a154f413eda7377bfdb2eeac96ed996

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:45:21 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABPtcPoW74ZqxWb0shY7j3aENJwrI1OXGyDzHsgQPeYEOUDFA_WuYUj_e8ClvxsXIx4RssRvFE8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4897
Last-Modified: Sun, 17 Mar 2024 12:16:26 GMT
Server: UploadServer
ETag: "3354098123ae6b1c2dc7ab230a87973a"
Vary: Accept-Encoding
x-goog-generation: 1710677786259141
Content-Type: application/javascript
Content-Language: en
x-goog-hash: crc32c=PDmshQ==, md5=M1QJgSOuaxwtx6sjCoeXOg==
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, no-transform, max-age=900
x-goog-stored-content-length: 4897
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Expires: Tue, 02 Apr 2024 18:00:21 GMT

GET
H/1.1 200
OK / Show response
sghb.aplhb.adipolo.com/geo/ Frame 5967 169 B
438 B 84ms
24ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: d9ffff591407444da88adf6bdbd46fb28d042dc14ea45714651bb9c9f9ae190c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:45:21 GMT
Server: fasthttp
Content-Type: application/json
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 169

GET
H/1.1 200
OK tracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame 5967 43 B
432 B 85ms
25ms XHR
image/gif 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=755983&site_id=19102&full_page_url=https%3A%2F%2Fultrasurfing.com&adid=io6hvt.ej&features=81952&vpbv=m2312&tte=245&lifecycle_tte=386
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:45:21 GMT
Server: fasthttp
Content-Type: image/gif
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fab174f5f557a25dc9a4d9f5364b533b2d318315499624e8eeaa6a6df923c7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/057581c87670dd306da4c49c24079e11.jpg
age: 1640051
edge-cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 514971880627965061188305095797447942201,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 197
expiration: expiry-date="Wed, 27 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 16376
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kiad7000152-IAD, cache-iad-kcgs7200050-IAD, cache-ams21082-AMS
last-modified: Sun, 25 Feb 2024 01:08:44 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=56874,owidth=1200,oheight=800,obytes=502835,ef=(1,13,17,23,30)
x-timer: S1712079921.206465,VS0,VE0
etag: "c0226d5ae26611b528f0f10bba2b1f97"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 20, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ed8088ac604c1ee665d4fed16fee470.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f39dfa0cc3f91f4f69318a68d1ce30e2ebf836d591b49878ca896c6011574a51

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ed8088ac604c1ee665d4fed16fee470.jpg
age: 1224301
edge-cache-tag: 432897817441437210657959390875383103327,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 432897817441437210657959390875383103327,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 71
expiration: expiry-date="Sat, 23 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://weather.com/
content-length: 28739
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kiad7000062-IAD, cache-iad-kiad7000082-IAD, cache-ams21082-AMS
last-modified: Wed, 21 Feb 2024 04:13:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=28739,owidth=1500,oheight=844,obytes=264382,ef=(1,13,17,23,30)
x-timer: S1712079921.206794,VS0,VE0
etag: "5a22ae43c2382718ed2d1ebc48822fa5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa2bcf53a2b9a513d6e88fbff4feb7ea.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ea13a2f0a0d20d4296a059e3a2cd946c3d627ee8c88dfa897d3c8c2f143de8b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa2bcf53a2b9a513d6e88fbff4feb7ea.jpg
age: 2523506
edge-cache-tag: 505714995433927598412080155905361561144,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 505714995433927598412080155905361561144,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 355
req-referer: https://thecelticblog.com/2024/03/articles-and-features/deranged-record-hacks-launches-another-unhinged-incoherent-attack-on-celtic/
content-length: 5486
x-request-id: caa1a1ed46285a668f2e4b45ab3185ff
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kiad7000038-IAD, cache-lga21978-LGA, cache-iad-kjyo7100021-IAD, cache-ams21082-AMS
last-modified: Wed, 28 Feb 2024 15:47:37 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=8492,owidth=1000,oheight=600,obytes=22563,ef=(1,13,17,23,30)
x-timer: S1712079921.206797,VS0,VE0
etag: "86624f0b75170befc9759c5d5f7d117e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 63, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 21dc050ef5ce7ac6168e411225d34d0bcbf1f7af91ad1580678c499d337dbc0e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
age: 5437357
edge-cache-tag: 322225708252158650412406976584958651105,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322225708252158650412406976584958651105,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 172
expiration: expiry-date="Mon, 01 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.solaranlage-ratgeber.de/solarthermie/solarthermie-funktionen/kombination-mit-anderer-heiztechniken/pelletheizung-mit-solarthermie
content-length: 23846
x-served-by: cache-iad-kcgs7200098-IAD, cache-iad-kiad7000081-IAD, cache-lga21947-LGA, cache-iad-kjyo7100057-IAD, cache-ams21082-AMS
last-modified: Fri, 01 Dec 2023 17:13:02 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=57772,owidth=1200,oheight=800,obytes=592354
x-timer: S1712079921.207315,VS0,VE0
etag: "a3516f231242a05e986c51fac1e06c8d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 9, 1, 8, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8ad088c864fe936a711ebeb9dbe24bd.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d0b7f42876baf188f84ecb69cbecdf5f336350062970aebba9edf1d5a579fbf2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8ad088c864fe936a711ebeb9dbe24bd.jpg
age: 1579428
edge-cache-tag: 485350819298367869766646027152913664482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 485350819298367869766646027152913664482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 4
req-referer: https://www.lefigaro.fr/conjoncture/le-retour-en-grace-de-la-chicoree-cette-boisson-chti-qui-pourrait-vous-faire-abandonner-le-cafe-20240301
content-length: 11467
x-request-id: d6bea43556c5975f9043a7db8c48864f
x-served-by: cache-iad-kjyo7100117-IAD, cache-iad-kcgs7200118-IAD, cache-lax-kwhp1940029-LAX, cache-iad-kiad7000167-IAD, cache-ams21082-AMS
last-modified: Fri, 15 Mar 2024 06:55:09 GMT
server: nginx
surrogate-reporting: width=626,height=347,bytes=11467,owidth=626,oheight=418,obytes=25204,ef=(1,13,17,23,30)
x-timer: S1712079921.207287,VS0,VE0
etag: "57821ac5b0b5ad3e7e219e120deb0d22"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f9c66ae00f66cb7f6bba8135e9fdeaa.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ee3ed6ffcda00dd5267c80cac29a17218e1629a751b15e47a4b6067c7e0f45c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f9c66ae00f66cb7f6bba8135e9fdeaa.jpeg
age: 1598459
edge-cache-tag: 594069845631588275428533713043433250460,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 594069845631588275428533713043433250460,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 69
req-referer: https://www.tichyseinblick.de/feuilleton/genderverbot-in-bayern/
content-length: 17863
x-request-id: f66c5522fd7fdfa4568e08d656a7d3dd
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kiad7000050-IAD, cache-iad-kjyo7100102-IAD, cache-ams21082-AMS
last-modified: Thu, 14 Mar 2024 12:07:37 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=17863,owidth=750,oheight=725,obytes=88493,ef=(1,13,17,23,30)
x-timer: S1712079921.207286,VS0,VE0
etag: "3038afd9a0d4c0b9f37558e2ac349703"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 9, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e91fd28d107f7d3dc27b66dd328ad54c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39eb063d4cd122800b6954afc22997ca48df3a5ea076817f5c5c4431b6d27718

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e91fd28d107f7d3dc27b66dd328ad54c.jpg
age: 2457270
edge-cache-tag: 418128979810837127385843034543628608558,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 418128979810837127385843034543628608558,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 204
expiration: expiry-date="Thu, 07 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 15126
x-served-by: cache-iad-kiad7000108-IAD, cache-iad-kiad7000108-IAD, cache-lax-kwhp1940109-LAX, cache-iad-kjyo7100041-IAD, cache-ams21082-AMS
last-modified: Mon, 05 Feb 2024 13:42:48 GMT
server: nginx
surrogate-reporting: width=740,height=370,bytes=24328,owidth=2122,oheight=1412,obytes=1139381,ef=(1,13,17,23,30)
x-timer: S1712079921.231619,VS0,VE0
etag: "e1b247a66656207baf5ee2740b6da197"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 41, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1097%2Cx_195%2Cy_71/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/9b62d8d7-8ed1-493d-9c23-38720a6f2472__trPkbbve.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39d5ad5436e94b42cc6d86048c4d3886a334d53c07f9967b7126d656339eccaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1097%2Cx_195%2Cy_71/c_fill%2Cw_360%2Ch_200/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/9b62d8d7-8ed1-493d-9c23-38720a6f2472__trPkbbve.jpg
age: 1135998
edge-cache-tag: 308942692549534724420964021945790198386,585774878295608691560766655576497023649,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308942692549534724420964021945790198386,585774878295608691560766655576497023649,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 17
req-referer: https://acdn.adnxs-simple.com/
content-length: 26840
x-request-id: 2d30fe6eb3b39fbc75129aee88268d0b
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kjyo7100155-IAD, cache-lga21958-LGA, cache-iad-kiad7000158-IAD, cache-ams21082-AMS
last-modified: Wed, 20 Mar 2024 10:52:08 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=26840,owidth=1333,oheight=750,obytes=422898,ef=(1,13,17,23,30)
x-timer: S1712079921.231608,VS0,VE0
etag: "2f48fc8c49f02b32ffc488794ab790c8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 9, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a801619e7339e2a69cb464e79e42e1b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b2eab8c6e0f378c6d9adbc9670e53af207a4cb16be5dadfc1728af63ee343d6b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a801619e7339e2a69cb464e79e42e1b.jpg
age: 2964578
edge-cache-tag: 465306152238160303457593695708019161899,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 465306152238160303457593695708019161899,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 56
req-referer: https://d-434668595289283535.ampproject.net/
content-length: 10526
x-request-id: f12fd4182d67fb163d8060037b5534eb
x-served-by: cache-iad-kiad7000038-IAD, cache-iad-kjyo7100033-IAD, cache-lga21945-LGA, cache-iad-kiad7000116-IAD, cache-ams21082-AMS
last-modified: Mon, 26 Feb 2024 12:07:51 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=26150,owidth=1536,oheight=1024,obytes=163143,ef=(1,13,17,23,30)
x-timer: S1712079921.231829,VS0,VE0
etag: "33e15b83a401db0b9468a683caa4d104"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 9038, 2

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5967 0
0 62ms
61ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssPLq1xL3Qu9XWWHZXHdiw2k1DT9FfynB4F6oP3faFTak9yC4sE6OJZvKckSRjraB5VvAgJGf76TgOLUX4aSitkwD4cLP76nSt0RaR5RgbhJtasnP7iTPLmrlkLSlsOJXmAxVAGNFGOFOWVycomc1ZZ-dCW1W3VbtzIAVJ0qEgNYmRejhaSWkwpc6-8N4aTPno5fGu1pvDQvXJU2ecWAxZA6EaisnqBifV34LwFUC0Pd69w3JJR4ZBF-i3NjGVhwP1SiBL5alQZmLN4wo-FSTlQk6nu0hnalvYRpRvhg5SbkNDgNE5Vl46w68iqhduz62fS3e2sCNuHv65QCtdd9rPkV3UykJJJCmeNGqtVQntIZkWSgNIhLrXv7EsyytgZderSog&sig=Cg0ArKJSzMv2DBhU_JCbEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ Frame 5967 11 KB
5 KB 72ms
18ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fultrasurfing.com
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ff4a59a1e763c94313fc6e3e617ca1fc4a83c32e23e37304b623744a610537e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

expires: Wed, 03 Apr 2024 17:45:21 GMT
date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 00:02:43 GMT
server: nginx
etag: W/"660b4b23-2ac7"
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=86400
x-proxy-cache: HIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39f3ade6bd046aedf2797080177b5ccb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a1199fb31d9eb51d799feafa3e85ad79e1f84332a8275b013d9f1323c307199

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39f3ade6bd046aedf2797080177b5ccb.jpg
age: 2880259
edge-cache-tag: 416559524222413505125816017703421993983,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 416559524222413505125816017703421993983,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 294
expiration: expiry-date="Mon, 25 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://bravewords.com/news/do-the-users-take-the-tiktok-content-seriously
content-length: 88796
x-served-by: cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200178-IAD, cache-lax-kwhp1940062-LAX, cache-iad-kcgs7200080-IAD, cache-ams21082-AMS
last-modified: Fri, 23 Feb 2024 09:09:16 GMT
server: nginx
surrogate-reporting: width=1000,height=500,bytes=167205,owidth=1000,oheight=600,obytes=197211,ef=(1,13,17,23,30)
x-timer: S1712079921.234269,VS0,VE0
etag: "abae657dc197a02b4321e2a6fa43d2c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 43, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/213e253f2ac4d93348425fba8302d34d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a347a273154ab74858bf90d5700e06b431498653da3902896fc7ad7e42fb22fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/213e253f2ac4d93348425fba8302d34d.png
age: 473503
edge-cache-tag: 605692396524399103138229600204090857597,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605692396524399103138229600204090857597,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 109
expiration: expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://stylesandeals.com/
content-length: 65391
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kcgs7200141-IAD, cache-lax-kwhp1940048-LAX, cache-iad-kiad7000144-IAD, cache-ams21082-AMS
last-modified: Tue, 27 Feb 2024 15:30:50 GMT
server: nginx
surrogate-reporting: width=740,height=412,bytes=65391,owidth=1920,oheight=1440,obytes=4425704,ef=(1,13,17,23,30)
x-timer: S1712079921.234562,VS0,VE0
etag: "e758368ce38de5786426ab57a30d6162"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 6, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 667638a38b57298a015cb48616f479cf3e122f18e96bc9cd81d1467b3152769c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3db4e6a2b0856eed8aa958deba38e40.jpg
age: 3394466
edge-cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 564283949368560828834606406647251222695,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 147
expiration: expiry-date="Thu, 07 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.franceguyane.fr/
content-length: 16432
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200071-IAD, cache-ewr18179-EWR, cache-iad-kiad7000176-IAD, cache-ams21082-AMS
last-modified: Mon, 05 Feb 2024 11:41:59 GMT
server: nginx
surrogate-reporting: width=1344,height=746,bytes=64332,owidth=1344,oheight=768,obytes=70735,ef=(1,13,17,23,30)
x-timer: S1712079921.234911,VS0,VE0
etag: "b209a07dce03cc550512484c23d5529d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1766, 12

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5967 0
195 B 64ms
17ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=89973457041&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 5967 15 B
412 B 85ms
26ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5967 0
194 B 79ms
34ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=2322033351&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ Frame 6A6E 11 KB
5 KB 61ms
20ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fultrasurfing.com
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ff4a59a1e763c94313fc6e3e617ca1fc4a83c32e23e37304b623744a610537e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

expires: Wed, 03 Apr 2024 17:45:21 GMT
date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 00:02:43 GMT
server: nginx
etag: W/"660b4b23-2ac7"
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: max-age=86400
x-proxy-cache: HIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/683a5116026f5577e2d9fe8aeb9c4659.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: be7d7f91d35c596c975c8d19c8bd0e1e5208491225aa332362c3b0abea9c01a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/683a5116026f5577e2d9fe8aeb9c4659.jpeg
age: 2277428
edge-cache-tag: 459729608773163097971268169444939181805,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 459729608773163097971268169444939181805,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 212
expiration: expiry-date="Sat, 16 Mar 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://iranianuk.com/
content-length: 12574
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kjyo7100127-IAD, cache-iad-kcgs7200062-IAD, cache-ams21082-AMS
last-modified: Wed, 14 Feb 2024 15:49:45 GMT
server: nginx
surrogate-reporting: width=600,height=333,bytes=18512,owidth=600,oheight=400,obytes=27144,ef=(1,13,17,23,30)
x-timer: S1712079921.254413,VS0,VE0
etag: "4f4a33997ebb384ec2cd8e4aeef078ce"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 9, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1dae73580dd1bdcda70c51b86962fdc95f502c58bbdae06984df2ee07df5f351

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 0
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98d4a035fe862df785d93baebf17dd3f.jpg
age: 5193035
edge-cache-tag: 544211193292261258242371404021740651035,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544211193292261258242371404021740651035,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 202
req-referer: https://cdn.taboola.com/
content-length: 50662
x-request-id: bfee6733178427f54786ad9f73896458
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kiad7000066-IAD, cache-lga21942-LGA, cache-iad-kcgs7200045-IAD, cache-ams21082-AMS
last-modified: Thu, 01 Feb 2024 21:45:01 GMT
server: nginx
surrogate-reporting: width=1280,height=711,bytes=132793,owidth=1280,oheight=768,obytes=492551,ef=(1,13,17,23,30)
x-timer: S1712079921.254174,VS0,VE0
etag: "b287c506ea25d931bece6e7c90a956d9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 374, 3

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6A6E 0
194 B 69ms
33ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=61741037620&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6A6E 0
194 B 136ms
101ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.33.2&cb=81440635769&lsavail=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 6A6E 15 B
413 B 73ms
26ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6A6E 0
0 58ms
58ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvLnwruSHyQ5LjmAEpU5i49J9JFEsAmUkSURjg5-57mwsxCX_vbNNXylRvQn4_C50R96-GpGRGUFv7Tb8Ibn2HIbi6wIDxFn599MwUzNQxYCDGUiq3KEj3TGolu5bMRG9qmuVFLJ_wFJrf7DlR4A9gS0pBDZ3PXWP3qD2MG0gs6uZ2U6uu9r8dT21fUVq3o9GBuPSM9ALIH7cDH8k7UOvsmxnkBvp-W7KScfqhWYbG31ZFyniGo66RHotqRwV4zDtPSRzQ-IrwXkQfHLUNmkB_d2dReBGh4MLuiaPGZulvDZh9kaRIVJln3WMiIvX7y68tHM8mvPEQkykug5MkW8PhQQCS3s3mh8S_L1-nRHRsP19DE0iC_sGtqPrQv0_aIDRIlng&sig=Cg0ArKJSzKpwzWJx80g0EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 main_00004.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 194 KB
195 KB 18ms
18ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00004.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4895) /
Resource Hash: 8cdd7bd82471b5683491a3ebc8b1e3f8e640e679bd5bc4f16d9bc45cc42021d6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: hqr3x50DvpJ8mbaZJ2BNpQ==
age: 11508
x-cache: HIT
x-client-device: desktop
content-length: 199092
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:04:25 GMT
server: ECAcc (ama/4895)
etag: 0x8DB2555CD6300B9
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: d910e095-201e-0046-600a-856dc4000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
H/1.1 200
OK spt Show response
tg1.aniview.com/api/adserver/ 37 KB
9 KB 89ms
25ms Script
text/javascript 2a02:26f0:3500:f96::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=650be2402f68fb908203cf88&AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/custom/taboola/wrapper/avTaboolaWrapper.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:f96::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 70ee952a13312d09feba4f1c3adb8faa159d210962789923d9bb907b5a98e4c6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-bamboo-c-skst: 1
Content-Encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
Date: Tue, 02 Apr 2024 17:45:21 GMT
Critical-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Connection: keep-alive
Content-Length: 8683
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Expires: Tue, 02 Apr 2024 17:50:21 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=172&cisd=convusmp&cipid=66361655&crid=-1&dast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&cmcv=&pix=undefined&cb=1712079921291&uv=3391&tms=1712079921291&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!aniviewInteg2-in_vA!aniviewInteg2_vA!mprdct01val_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-length: 0
server: nginx

GET
H2 200 main_00005.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 197 KB
197 KB 19ms
19ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00005.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4895) /
Resource Hash: f2b33df5149000b512c5cbb2d2c285370abddbab4e1a3839b9e9a275ab405eb5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: JFcnY/aBQTXV8bQzFyuaVA==
age: 11506
x-cache: HIT
x-client-device: desktop
content-length: 201912
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:52:08 GMT
server: ECAcc (ama/4895)
etag: 0x8DB255C785CFCEB
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: f7292b5e-101e-003f-540a-8591e0000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 5967 632 B
341 B 136ms
135ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=666641027462883&correlator=4133755718194318&output=ldjh&gdfp_req=1&vrg=202403270101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=7047%3A22861843909%2Capl%2Cdisplaypartner%2Cneerajanuj%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C320x50%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712079921329&lmt=1712079921&adxs=237&adys=920&biw=1600&bih=1113&isw=120&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=d7grttcm0qtl&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&nhd=1&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=120x-1&msz=336x-1&fws=768&ohw=0&ga_vid=1185202783.1712079921&ga_sid=1712079921&ga_hid=72626452&ga_fc=false&dlt=1712079920803&idt=363&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26excl_cat%3DPREPOST&adks=1009314974&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

36c961d4bda3e7a6336735fa062d8ea741379a63a0c442ca85e398d2b253829f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5967 16 KB
12 KB 72ms
72ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

02ce1cedcb3a94243ea94b9bce738875bc5e2404f996933694cd28a36862035a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12059
x-xss-protection: 0

GET
H2 200 container.html
ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8AB 0
0 74ms
56ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:21 GMT
expires: Wed, 02 Apr 2025 17:45:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main_00006.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 140 KB
140 KB 18ms
18ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00006.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AC) /
Resource Hash: a234e14e4140830e1a6f309d5805f8423d41e40c601f285eb6e00707e396e646

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: L4EJy752dKHe/6wgr6TctA==
age: 11504
x-cache: HIT
x-client-device: desktop
content-length: 143444
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 14:02:03 GMT
server: ECAcc (ama/48AC)
etag: 0x8DB255DDADD3173
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: aee34d39-701e-0080-2f0a-85a645000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
H2 200 main_00007.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 92 KB
92 KB 19ms
19ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00007.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D8) /
Resource Hash: 3f97d39fb338688fc6cb9094776a4cfb20c3e919352f2e4be72c0694445cd76b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: 9k7X6uB62LsmeziYc625UA==
age: 11502
x-cache: HIT
x-client-device: desktop
content-length: 93812
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:00:12 GMT
server: ECAcc (ama/48D8)
etag: 0x8DB255536C55DB5
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: e1c667ea-801e-0060-440a-8525dc000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 6A6E 632 B
343 B 416ms
416ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=747484246602009&correlator=1293830773483842&eid=31079956%2C31081978%2C31081711&output=ldjh&gdfp_req=1&vrg=202403270101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=7047%3A22861843909%2Capl%2Cdisplaypartner%2Cneerajanuj%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C320x50%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712079921383&lmt=1712079921&adxs=957&adys=570&biw=1600&bih=1113&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=t4i85y35j2y0&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&nhd=1&url=https%3A%2F%2Fultrasurfing.com%2F&ref=https%3A%2F%2Fultrasurfing.com%2F&top=https%3A%2F%2Fultrasurfing.com%2F&vis=1&psz=300x-1&msz=336x-1&fws=768&ohw=0&ga_vid=1760217371.1712079921&ga_sid=1712079921&ga_hid=735732828&ga_fc=false&dlt=1712079920810&idt=347&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26excl_cat%3DPREPOST&adks=1009314974&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f9747335e73dc0dfb3f03d8648ffb9a176c062624f2b99d5ada6c6f3ecbbf40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6A6E 16 KB
12 KB 122ms
122ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

317bdac48ddf85fa16430919a8c2a68c9b0e3015e01ee1d808df67aedc4e0a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12256
x-xss-protection: 0

GET
H2 200 container.html
eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C33 0
0 69ms
55ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:21 GMT
expires: Wed, 02 Apr 2025 17:45:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 427 KB
125 KB 89ms
24ms Script
text/javascript 2a02:26f0:3500:2b::17cf:d25d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=650be2402f68fb908203cf88&AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2b::17cf:d25d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 75a4df7ae1563d685176d68da22828004eaf1575c29405edfc455ca8f6658574

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPqjykqnRMzwitk7_fFWfeI7kl_GOoLNQqxX8lHIr3QQzvr79Zi9Ae5Wd1VMErBeizQz6w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 127057
last-modified: Mon, 01 Apr 2024 11:26:19 GMT
server: UploadServer
etag: "c7ad8cb42b649c616383df4284ce3b7c"
vary: Accept-Encoding
x-goog-generation: 1711970779364930
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=9rxYNQ==, md5=x62MtCtknGFjg99ChM47fA==
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=300
x-goog-stored-content-length: 127057
accept-ranges: bytes
expires: Tue, 02 Apr 2024 17:50:21 GMT

GET
H2 200 track
track1.aniview.com/ 0
143 B 308ms
96ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=621cca388ba47d78a102e506&cid=650be20a322dd3b3af04c255&cb=1712079921391&r=ultrasurfing.com&stagid=650be2402f68fb908203cf88&stplid=650be2400e428e97720207a4&d35=&d65=IntentIQ_Control&d66=8&d74=&cd5=player_test&e=playerLoaded&str=autostart
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 main_00008.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 93 KB
94 KB 19ms
19ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00008.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48ED) /
Resource Hash: 5a8d6dc0a2d5e85aa273eb4b7f06eb6cb64707786c77546070d1031643bd6681

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: 3LC1BHXpwb7jbxRZ25mRkg==
age: 11500
x-cache: HIT
x-client-device: desktop
content-length: 95692
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:52:50 GMT
server: ECAcc (ama/48ED)
etag: 0x8DB255C913E6A7E
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: 42677960-b01e-0036-350a-85d433000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5967 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 17:45:21 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3A8 0
0 53ms
52ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 11671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 14:30:50 GMT
expires: Wed, 02 Apr 2025 14:30:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6A6E 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 17:45:21 GMT

GET
H2 200 ui.js Show response
player.avplayer.com/script/8.3/v/ 328 KB
78 KB 24ms
23ms Script
text/javascript 2a02:26f0:3500:2b::17cf:d25d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/ui.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2b::17cf:d25d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f05d12d238f369860eab896e680d82ed9ab09ac6952eead792a388e538016c8e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrdE9B1wDC3DP2muMcChyAORpFteHafQ2K5l-68AHfDbZ4Ttgm5rIKkQxmJk30zcYdx71Ez57vWHA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 78918
last-modified: Mon, 01 Apr 2024 11:26:19 GMT
server: UploadServer
etag: "672b7ae86066ec5bab77f2a89595a6d3"
vary: Accept-Encoding
x-goog-generation: 1711970779632760
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=jzr8pg==, md5=Zyt66GBm7Furd/KolZWm0w==
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=300
x-goog-stored-content-length: 78918
accept-ranges: bytes
expires: Tue, 02 Apr 2024 17:50:21 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CDD 0
0 52ms
52ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 11671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 14:30:50 GMT
expires: Wed, 02 Apr 2025 14:30:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sprite.svg Show response
player.avplayer.com/script/8.3/v/assets/ 15 KB
5 KB 81ms
25ms Fetch
image/svg+xml 2a02:26f0:3500:2b::17cf:d25d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/sprite.svg
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2b::17cf:d25d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d21c993033d528a5c7b46ec8d39524bdeb90a1f5eca1b951222ee36bc72b7198

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: image/svg
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPp_sYEl4V3dJ76Qc8NzJOcj7276Uz0fj7zyPvMN9Sro3d7-fB7IGH00Seo36aui9QZ7QBI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 4858
last-modified: Mon, 01 Apr 2024 11:26:19 GMT
server: UploadServer
etag: "12f010e7aa53c7e275c73994ea382f43"
vary: Accept-Encoding
x-goog-generation: 1711970779194499
content-type: image/svg+xml; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=uFsoPA==, md5=EvAQ56pTx+J1xzmU6jgvQw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, max-age=300
x-goog-stored-content-length: 4858
accept-ranges: bytes
expires: Tue, 02 Apr 2024 17:50:21 GMT

GET
H/1.1 200
OK AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 5D43 478 KB
139 KB 328ms
26ms Script
text/javascript 2a02:26f0:3500:2b::17cf:d25a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2b::17cf:d25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 453652b8b27fc8862c74e1f1698119d0d90b9a3ad20622067cf4324f839d2307

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:45:21 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABPtcPr2boJJafqJ9VpK4hLg1fve0B8sl0HA8FcVXfEONS33jGeOi-t0cSp06NmkLrDWD5yqTmbc08jaxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 141486
Last-Modified: Tue, 02 Apr 2024 12:56:38 GMT
Server: UploadServer
ETag: "55fcd5f493979b4b62c0287bb561c422"
Vary: Accept-Encoding
x-goog-generation: 1712062597962197
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=QysrXw==, md5=VfzV9JOXm0tiwCh7tWHEIg==
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, no-transform, max-age=900
x-goog-stored-content-length: 141486
Accept-Ranges: bytes
Expires: Tue, 02 Apr 2024 18:00:21 GMT

GET
H2 206 mp4_480.mp4
magazine-api.taboola.com/video-content/1133944840857549937/flavours/ 64 KB
0 25ms
18ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://magazine-api.taboola.com/video-content/1133944840857549937/flavours/mp4_480.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish
x-amz-request-id: 198MWFQG78Q2K09Q
age: 13190
x-cache: HIT
Content-Range: bytes 0-23890770/23890771
Content-Length: 23890771
x-amz-id-2: f1EmE+sXnLHbUUDWEQaWIQW9C3+Q5QClxUa/U54NMu31Xp0jjYjDVza7SYFJaVVpAe7whLG38Ns=
x-served-by: cache-ams21082-AMS
last-modified: Mon, 20 Jun 2022 18:05:05 GMT
server: AmazonS3
etag: "74cbb10c00dde5bd4c98c66b2dbb1d67-3"
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B5B 0
0 57ms
57ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B5B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f65ab34c39e281e5b994bb2aa1c2987c1b0a12c938bc9bb7490ba85ca12bdc6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0B5B 0
0 60ms
60ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRoX_GzkGuS_QxrrqPdVBcS_EdJwMJs9QWD1GweIRDUgEm5FJdH72-ZuYPzNu_fDwQwIkPfuEZoz8Ozva2h2hX9o6x60sad1mNHmDM-F-tujtBC6AjVFpxBDTJltA2Q2akSWmyKaeeAnR0nJdI1HuWSQ5Skfr_JFEN7cKhSZYNiFSV_7-PJwyWIcJzS61vUeYmO8Ygc3mB4o6E7sceQVWDbAhQ9olqirLPXBsuSdLxZFAQqHO4hRfOmQQmARWO7AipBFY15hn4oJPGIiRLpjB0eOIiWoNVGEAE-oe3SVe7vhpk41tFggb1xs811vKF7iEdnE8cg19ovZT5npjxzm-5UY5sIm1qJqv8lbdau_8Un0rjEeiOdUIEDuTA5G8GY61MwQ&sig=Cg0ArKJSzDwLSdADCTNEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 206 mp4_480.mp4
magazine-api.taboola.com/video-content/1133944840857549937/flavours/ 160 KB
0 64ms
63ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://magazine-api.taboola.com/video-content/1133944840857549937/flavours/mp4_480.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=23625728-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish
x-amz-request-id: 198MWFQG78Q2K09Q
age: 13190
x-cache: HIT
Content-Range: bytes 23625728-23890770/23890771
Content-Length: 265043
x-amz-id-2: f1EmE+sXnLHbUUDWEQaWIQW9C3+Q5QClxUa/U54NMu31Xp0jjYjDVza7SYFJaVVpAe7whLG38Ns=
x-served-by: cache-ams21082-AMS
last-modified: Mon, 20 Jun 2022 18:05:05 GMT
server: AmazonS3
etag: "74cbb10c00dde5bd4c98c66b2dbb1d67-3"
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0

GET
H2 200 main_00009.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 72 KB
72 KB 20ms
20ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00009.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D5) /
Resource Hash: 52e0074f60a4acacb7b3086c13ebbd2780173abcfec52a912fa435f265aa2880

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: YnKooiyuIhVW7yvG1HUWpA==
age: 11443
x-cache: HIT
x-client-device: desktop
content-length: 73487
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:26:25 GMT
server: ECAcc (ama/48D5)
etag: 0x8DB2558E02341CA
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: 53ccb350-401e-000d-330a-859197000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
305 B 38ms
37ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?tvi2=15813&tvi50=15661&route=AM%3AAM%3AV&lti=deflated&bulkSize=14
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 897
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21082-AMS
pragma: no-cache
server: nginx
x-timer: S1712079922.805659,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 mp4_480.mp4
magazine-api.taboola.com/video-content/1133944840857549937/flavours/ 131 KB
131 KB 33ms
32ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://magazine-api.taboola.com/video-content/1133944840857549937/flavours/mp4_480.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dbe8a337504e0cd49b1763d49cc83d4d84abc84c2df5233deda38909b1fed6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=23756800-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish
x-amz-request-id: 198MWFQG78Q2K09Q
age: 13190
x-cache: HIT
Content-Range: bytes 23756800-23890770/23890771
Content-Length: 133971
x-amz-id-2: f1EmE+sXnLHbUUDWEQaWIQW9C3+Q5QClxUa/U54NMu31Xp0jjYjDVza7SYFJaVVpAe7whLG38Ns=
x-served-by: cache-ams21082-AMS
last-modified: Mon, 20 Jun 2022 18:05:05 GMT
server: AmazonS3
etag: "74cbb10c00dde5bd4c98c66b2dbb1d67-3"
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0

GET
H2 206 mp4_480.mp4
magazine-api.taboola.com/video-content/1133944840857549937/flavours/ 3 MB
0 18ms
18ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://magazine-api.taboola.com/video-content/1133944840857549937/flavours/mp4_480.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ultrasurfing.com/
Range: bytes=65536-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish
x-amz-request-id: 198MWFQG78Q2K09Q
age: 13190
x-cache: HIT
Content-Range: bytes 65536-23890770/23890771
Content-Length: 23825235
x-amz-id-2: f1EmE+sXnLHbUUDWEQaWIQW9C3+Q5QClxUa/U54NMu31Xp0jjYjDVza7SYFJaVVpAe7whLG38Ns=
x-served-by: cache-ams21082-AMS
last-modified: Mon, 20 Jun 2022 18:05:05 GMT
server: AmazonS3
etag: "74cbb10c00dde5bd4c98c66b2dbb1d67-3"
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
762 B 124ms
124ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 varnish
x-amz-request-id: ZFRPC3PFTHSKWAJC
age: 21196
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by: cache-ams21082-AMS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1712079922.879282,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1740

GET
H2 200 main_00009.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 118 KB
119 KB 19ms
19ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00009.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B4) /
Resource Hash: 66f22eccc4875c142219d1f10790a52b9baa3a175ee9ff687e8532757c46cf28

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:21 GMT
content-md5: 82quZtj4qsaUeIPhNVMyew==
age: 11444
x-cache: HIT
x-client-device: desktop
content-length: 121260
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:00:42 GMT
server: ECAcc (ama/48B4)
etag: 0x8DB255548A882F7
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: 488d1501-901e-001e-1a0a-85b59b000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:21 GMT

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 573 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 224 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
4 KB 421ms
161ms XHR
application/json 173.0.146.6
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_CDIM5=player_test&AV_SCHAIN=1.0%2C1!taboola.com%2C1110515%2C1%2C-236952332&AV_PLHOLDER=6&AV_TAGID=650be2402f68fb908203cf88&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fultrasurfing.com%2F&AV_CHANNELID=650be20a322dd3b3af04c255&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=ultrasurfing.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=650be2402f68fb908203cf88&AV_TEMPLATE=650be2400e428e97720207a4&AV_GPID=/621cca388ba47d78a102e506/650be2402f68fb908203cf88/ultrasurfing.com&d36=6.2.199&responsive=1&sver=4&avtoken=922071&omv=1.0.1&AV_D65=IntentIQ_Control&AV_D66=8.5.2&clsid=2ee1e769-bf45-4885-a6e1-a14aadf6768c&rando=51&scnt=1&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1712079922075&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.0.146.6 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 1ec54f542dd65d2f3518d9bc1db30d16e79615feff3ec8ef98b01ea0e8ba4730

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:22 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
critical-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://ultrasurfing.com
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Fri, 22 Mar 2024 03:58:42 GMT

GET
H2 200 track
track1.aniview.com/ 0
142 B 98ms
97ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=ultrasurfing.com&sn=&cd5=player_test&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.199&apppkg=&fv=1&proto=https&d65=IntentIQ_Control&d66=8.5.2&clsid=2ee1e769-bf45-4885-a6e1-a14aadf6768c&rando=51&scnt=1&pid=621cca388ba47d78a102e506&cid=650be20a322dd3b3af04c255&stagid=650be2402f68fb908203cf88&stplid=650be2400e428e97720207a4&e=inventory&vi=74&cb=1712079922074
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 5967 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5967 42 B
64 B 58ms
58ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJ_9YCzkx_FZUmFWR3h4y1XSpRFRJdL_oXUdforoTKR3SRDegDoEXoIVTKiKlSN2ZWkfER99DnS2sOZneXwiJjdMFSoyfCq8Ebs7W_NHCjOo7Epk-976RZW62AYQVa-VKm_6QtJbN2Ok-6-L7fbtxw-Fh61Loqq-FvsXxz&sig=Cg0ArKJSzKeWzQ63svNeEAE&id=lidar2&mcvt=1004&p=370,345,970,465&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240401&bin=7&avms=nio&bs=1600,1113&mc=1&vu=1&app=0&itpl=19&adk=3554213942&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&vs=4&r=v&co=801272000&rst=1712079920803&rpt=398&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A6E 42 B
64 B 58ms
57ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0kJY01VWqwiIAewwvhSxpSrZvpx5jx9UQttZZ9PMgoTMqXY8wUal1Ku9Vgd7ZY9VXFs9uWyWFX-9e-jfBD9uIFqpdgHDbf4UZfyAuCudBsNl0UcqAy60alBkUP9urVrgoW-QUXSik-AGcGegme-_bTltaRmpFaXxz5pQz&sig=Cg0ArKJSzCa-Erh57QRHEAE&id=lidar2&mcvt=1000&p=370,975,620,1275&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240401&bin=7&avms=nio&bs=1600,1113&mc=1&vu=1&app=0&itpl=19&adk=2421283730&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&vs=4&r=v&co=801272000&rst=1712079920810&rpt=439&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 6A6E 0
0

POST
H/1.1 204
No Content multitracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame 5967 0
224 B 22ms
22ms XHR
text/plain 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ultrasurfing.com
Date: Tue, 02 Apr 2024 17:45:22 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H/1.1 204
No Content multitracking Show response
sghb.aplhb.adipolo.com/adunit/ Frame 6A6E 0
224 B 22ms
21ms XHR
text/plain 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/O6wro/hbw_master_755983_19102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ultrasurfing.com
Date: Tue, 02 Apr 2024 17:45:22 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
323 B 19ms
19ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=15813&tvi50=15661&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 2
date: Tue, 02 Apr 2024 17:45:22 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 927
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-ams21082-AMS
pragma: no-cache
server: nginx
x-timer: S1712079923.509790,VS0,VE2
content-type: image/gif
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 avpb8.38.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5D43 339 KB
104 KB 178ms
177ms Script
text/javascript 2.21.20.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-132.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5386b237068a97d747f16598ba0e764fa07eb92a68b8c49f4ac0ba5176d1eb16

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 02 Apr 2024 18:00:22 GMT
date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrbunD35uXLOjhYpQ2vqOxQtJL5KCCDUnKSGs43AcrxMrrhcReYeSmVT11NmTOPhCd1EfM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 106032
last-modified: Tue, 02 Apr 2024 12:56:38 GMT
server: UploadServer
etag: "2b3ea56950e970daedac650122cfb6cf"
vary: Accept-Encoding
x-goog-generation: 1712062598322035
x-goog-hash: crc32c=GqjEyg==, md5=Kz6laVDpcNrtrGUBIs+2zw==
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 106032
accept-ranges: bytes
quic-version: 0x00000001

GET
H3 200 avpb8.38.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5D43 73 KB
23 KB 250ms
250ms Script
text/javascript 2.21.20.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-132.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 1a3c73cdb200ce67d2ed7bf434bbfe2f7c16912e326f4ea1bf9ffb7d37bc3ad7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 02 Apr 2024 18:00:22 GMT
date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPoJ_eOGZ5D_dY_FJm58976vr8UmMwf33Lw23BYEOpgbRzi15WFdVVnSBTj4BNWuADGn3ks
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 23927
last-modified: Tue, 02 Apr 2024 12:56:38 GMT
server: UploadServer
etag: "ff82038a383313c7c997e798f7029297"
vary: Accept-Encoding
x-goog-generation: 1712062598297820
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=6HMlWA==, md5=/4IDijgzE8fJl+eY9wKSlw==
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 23927
accept-ranges: bytes
quic-version: 0x00000001

GET
H3 200 avpb8.38.0a2.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5D43 63 KB
20 KB 251ms
251ms Script
text/javascript 2.21.20.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0a2.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-132.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bc16257ccdeec4fda803b27d1219445acbc964d5f5b2e792e8e5d9ccc4061632

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 02 Apr 2024 18:00:22 GMT
date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrqGzCZ1ny4Qb4Ba7mzu6i-VNGfRIKbZSj1QCaByqM6iTOZlemU8uVxkmiplbCoYK6YpabnepZH2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 20393
last-modified: Tue, 02 Apr 2024 12:56:38 GMT
server: UploadServer
etag: "a7c19662934bad99ca59f6b4106a3b95"
vary: Accept-Encoding
x-goog-generation: 1712062598280730
x-goog-hash: crc32c=9dsu9A==, md5=p8GWYpNLrZnKWfa0EGo7lQ==
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 20393
accept-ranges: bytes
quic-version: 0x00000001

GET
H3 200 avpb8.38.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5D43 71 KB
23 KB 296ms
296ms Script
text/javascript 2.21.20.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-132.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: f4795d12882bf2a88f67576f4af38e0060377b1fa5cf1575e5f53d0d96552ace

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 02 Apr 2024 18:00:22 GMT
date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpEPC2A9Ch1kRL3Stf6ByddTG8XeenjJsAjIn0L77TtjTKvovUFMuy0doHD0py6CU5j6vwL-gFQTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 23833
last-modified: Tue, 02 Apr 2024 12:56:38 GMT
server: UploadServer
etag: "cea2493a5c32eb9321c188dd6f4f6462"
vary: Accept-Encoding
x-goog-generation: 1712062598196465
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=61wfew==, md5=zqJJOlwy65MhwYjdb09kYg==
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 23833
accept-ranges: bytes
quic-version: 0x00000001

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
366 B 251ms
55ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=62066&adtype=video&auc=ultrasurfing-instream-unit&w=640&h=360&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62297&requestId=20bc07158cb914&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&eids=&bidfloor=0.25&d=ultrasurfing.com&sp=https%253A%252F%252Fultrasurfing.com%252F&usp=&coppa=false&videoContext=instream&bcat=&badv=&bapp=&btype=&battr=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 02 Apr 2024 17:45:22 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://ultrasurfing.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
369 B 126ms
40ms XHR
application/json 52.19.185.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.185.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-185-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b9f40d9bc102543dfc95404f0ccdaa7605adad82580ecc617a1078c2927ad9b7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

POST
H2 204 64c7d6d6f0dba81d51b6b33f Show response
prebid.cootlogix.com/prebid/multi/ 0
320 B 317ms
102ms XHR
text/plain 138.197.53.255
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/64c7d6d6f0dba81d51b6b33f
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.53.255 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:22 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 252ms
199ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

58a56f9503bc87e93fe41b7a68f368a075e6c294194bda61957280025683e859

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:22 GMT
an-x-request-uuid: a9478508-75a2-4758-8723-c7699a256cc9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.231; 31.204.152.231; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
469 B 91ms
26ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: db1bfa42d673b3646e3c8577f23d3983c7ce95afbfe05a6d215bd9ed1c72f052

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.14.0
Content-Type: application/json
access-control-allow-origin: https://ultrasurfing.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
Expires: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 67ms
67ms XHR
text/javascript 13.35.57.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=IiJCdjacevB9v&cb=3&ws=1600x1113&v=24.305.1002&t=3000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A25%2C%22id%22%3A%22Adpushup_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&schain=1.0%2C1!adpushup.com%2Cd3a968baed143285b4c1d3a5eb89dcef%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.57.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-57-188.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:21 GMT
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3GbDpOIZKIHu3jDsZO-6ahgdMS_r8vqp8o3KBGFKNTn_Y01GSXvRtA==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B5B 42 B
64 B 59ms
59ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstME2KIFem_w0dIBeqgL48QzNR47O8c3Y4dv2ShuBf-qHN2HmiugLJMcYRVMOvcFSKTsaQeM94It_yj8Um6V-JoetBZxSaGJR7Z1f_YLFqxLX5R-0zhMyIgJITfPC9BvqfTi1cSbEJ-0nbT_-nyYh-Vmd9MMIIiX7KOnW8v&sig=Cg0ArKJSzJm9xr47gsMBEAE&id=lidar2&mcvt=1000&p=620,975,870,1275&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240401&bin=7&avms=nio&bs=1600,1113&mc=1&vu=1&app=0&itpl=19&adk=1980444126&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&vs=4&r=v&co=801272100&rst=1712079920815&rpt=887&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 17ms
17ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240401-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Apr 2024 17:45:22 GMT
x-amz-request-id: 081SX6Z0FQW0GJ1R
age: 1577
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: /0zMik6Ni4YfRkSzWHZyQyyvjLzptDPMYRRYEGrrsmraHcsVccNDTiKo0lnzw0ubJxaQG6B1aH4=
x-served-by: cache-ams21082-AMS
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1712079923.750288,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 14
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1501

GET
H2 200 / Show response
pips.taboola.com/ 4 B
141 B 23ms
16ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-ams21058-AMS
date: Tue, 02 Apr 2024 17:45:22 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 277ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=c9eb843b-438b-4198-aba9-218aa6c7d096-tuctd05c9b0&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTIzLjAuNjMxMi44Ng==&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTIz&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTIz&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 02 Apr 2024 17:45:23 GMT
cache-control: no-store
server: nginx

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ Frame 5D43 227 B
341 B 86ms
29ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid&t=1&src=id
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814fd06e3003ae0a0970fdd3a7b59e91cf3e8afa3fec26ef2efa38f73cb3d72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 86e2a1ddfec4008b-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 64ms
16ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 02 Apr 2024 17:45:22 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 5D43 184 B
474 B 38ms
37ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a703d3f434f3922de9d7419a383c9b391a94fc391f9f2bc99f777ca3d4465357

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.14.0
Content-Type: application/json
access-control-allow-origin: https://ultrasurfing.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H/1.1 200 swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 5D43 67 B
417 B 143ms
51ms Fetch
application/xml 2607:ae80:4::25
FREEWHEEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33727728&componentId=prebid&componentSubId=mustang&timestamp=1712079922904&_fw_bidfloor=0.2&_fw_bidfloorcur=USD&pbjs_version=8.38.0&pKey=-906615666&_fw_prebid_content=%7B%22title%22%3A%22Taboola%20video%22%2C%22url%22%3A%22https%3A%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F1133944840857549937%2Fflavours%2Fmp4_480.mp4%22%2C%22keywords%22%3A%22%22%2C%22id%22%3A%220fb1e623%22%2C%22len%22%3A0%7D&schain=1.0%2C1!taboola.com%2C1110515%2C1%2C-236952332!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%5D&withOMSDK=true&loc=https%3A%2F%2Fultrasurfing.com%2F&playerSize=400x225&video_context=instream&video_placement=3&video_plcmt=2
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 17:45:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ultrasurfing.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1712079922963047-547

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame 5D43 53 B
249 B 66ms
23ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 2eeedd56fdded69bf02bd8f1ab0d47480be5d05e59451974333829d5d1474c45

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 5D43 11 B
234 B 53ms
19ms Fetch
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:23 GMT
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5D43 186 B
566 B 166ms
66ms Fetch
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:22 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ultrasurfing.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bid.json Show response
reachms.bfmio.com/ Frame 5D43 0
303 B 431ms
185ms Fetch 34.237.162.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=49ea09a8-ef1c-4837-ee48-208a4a2f098b
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.162.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-162-144.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
server: nginx/1.24.0
accept-ch: Sec-CH-UA-Full-Version-List, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Model
vary: Origin
access-control-allow-origin: https://ultrasurfing.com
access-control-expose-headers: location
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 202 logs
http-intake.logs.datadoghq.com/api/v2/ 0
0 121ms
121ms Ping
application/json 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=450db60c9e5108400bd9a6539552f87a&ddsource=nodejs&service=instream
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:b1da:8e0b:412a:6e16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?fm=t&rt=xfp&lid=190&sdkv=h.3.631.0&e=44752052%2C44777649%2C44781409%2C95321947%2C95322027%2C95323893%2C95324128%2C95324210%2C95326337&id=ima_html5&c=3631647810109954&domain=ultrasurfing.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 5967 96 KB
31 KB 73ms
33ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:45:23 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 6A6E 96 KB
31 KB 79ms
50ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:45:23 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 4A3E 0
0 50ms
18ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 306663
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 5967 96 KB
31 KB 83ms
50ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:45:23 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 6A6E 96 KB
31 KB 58ms
33ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:45:23 GMT

GET
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 19 KB
6 KB 78ms
71ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1712079923343&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1627&pt=-174499583&tz=120&viewable=true&ddast=V994ACABYDAEbaiKq9H5I4BABG2oiqvR-SOAUAAAAABgYA9AcAJDkZLBee1WatnEwmbtFsZXErJyaHWzdaTUzLxWQ12fiGAECSk8Fy4Vlt1srJZOIWzVYWt3Jicrh1o9XEtFxMVpONbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAAAPAP____8QAAAAAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAP____8aAACUHAAJ8jedXpaTw-0PAAAAAAAQAAAAAAASAIABw-8SAACKrskTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAIshAG81lEttf55DIgAAgALhIgBGAAAAAAAfzJjnRwCTADoBoAKwqAL4___vtwIAuAIAAAhw_FTvqsoC0B2UeAsDAAAAABgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCT64UaQBAjXCkagC_gAAAawC_gAAAbADjBgAA8AYQAAcQdAAErRgMVgeQQIPNZrKYrYazAwAAAAC4A_j____XAwCB2WIx8phWpsVysHAsDKvRYmJabBwj08xm2Yw83gNICJc_w5PV4-oDCBGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-QFM2GK0mkw2y-FsuZgMhqPhaLQ_gIGYbAYIMBGD5XIyWUx2q9FqtBnuRrPBAgEEYjBBAIoWDSar0WiymAxXo8lqtlzsdhsEoGjVajbaDIar2WS2262Gg-FyNEKACVuMVpPJZjmcLReTwXA0HI2GCAAzzpXFONpM3KLNcOIWLZbDtcLicK4li-HCYdv4RoblbC16fUwnw2rjnBi2CCAYgLIXydMinahGht3I5ZosJpPFzDCYTGaO1Wg0sRlGk5lr5bJYxBLNySKdyC77wmyxGHlMK9NiOVg4FobVaDExLTaOkWlms2xGHn_HubIYR5uJW7QZTtyixXK4VlgczrVkMVw4bBvfyLCcrUWvj-lkWG2cE8O-sVtMBrvlcjLYN3aLyWC3XE4G-w6T6Zn6nI3iWk7iURm3xc1feHMaFC6Dxfs7WqSxW29mVCnDFovqt57-Jlah3-_3-_1-v9_v927MBo_BYDhpu8GabXK7lo6OZ8GgiCWCi3SiOpsuD8_rcnOrzqbLw_O63CxiidJ0kU70Rb_bZXj4XP6KWCI4XaQTod_tsqj_COAwi7lkMJorVpO5ZLNYJQAAAAAAAAAAgCUATICZADcBAAAAADgBDGSzWGxW6wQ4iM1mNNutlgsAABE_rwsADAIAAAAAALALgF4UNm6ll2pXDNAY4DHARJ1Nl4fndbm5VWfT5eF5XW5WBgCAiGdnBtgM8BmAINZqtawBAAAABLABAAAAArgBdAPwBhDQIsUB_v___8cBAAAAyMgB0AMAAADQ7wMAKY1cK_TAkfIDFMRqNlvsHwBAgEKs1Wp1u7FWqxUQQBCz4WwCAf____8EAQAAAAAAAD0tBQH_________wwYBAAAAAAAAPXEIAQLbbkLAhYA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!aniviewInteg2-in_vA!aniviewInteg2_vA!mprdct01val_vB!smbs!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&subu=3&epp=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/custom/taboola/wrapper/avTaboolaWrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bfacea8e1a606d91c5206c1309219fcd784e90a297e2cfe8e528201dcc44501e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 02 Apr 2024 17:45:23 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1466
x-cache: MISS
x-served-by: cache-ams21082-AMS
pragma: no-cache
server: nginx
x-timer: S1712079923.360592,VS0,VE53
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame F26D 0
0 20ms
20ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultrasurfing.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Apr 2024 17:45:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 1148913
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 17ms
17ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ultrasurfing.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 02 Apr 2024 17:45:23 GMT

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 5D43 11 B
233 B 19ms
19ms Fetch
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:23 GMT
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://ultrasurfing.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 5D43 184 B
473 B 27ms
27ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: caff4a3d0519361a0357e17e12b528e800a7a9188e42cb0b3408c34d3e67a47c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.14.0
Content-Type: application/json
access-control-allow-origin: https://ultrasurfing.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

POST
H2 204 bid.json Show response
reachms.bfmio.com/ Frame 5D43 0
301 B 117ms
117ms Fetch 34.237.162.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=49ea09a8-ef1c-4837-ee48-208a4a2f098b
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.162.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-162-144.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 02 Apr 2024 17:45:23 GMT
server: nginx/1.24.0
accept-ch: Sec-CH-UA-Full-Version-List, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Model
vary: Origin
access-control-allow-origin: https://ultrasurfing.com
access-control-expose-headers: location
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main_00010.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 68 KB
68 KB 18ms
18ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00010.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B2) /
Resource Hash: 2d17e7c7373031e4f641073c01fd997368110f62832b986c502ae106c972717e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:23 GMT
content-md5: 5M2BYIYBGJfDMn9WMZjeBA==
age: 11444
x-cache: HIT
x-client-device: desktop
content-length: 69598
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:08:50 GMT
server: ECAcc (ama/48B2)
etag: 0x8DB25566B577BEF
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: 755837a4-a01e-0015-1e0a-854ef0000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:23 GMT

GET
H/1.1 200 sync_iframe
sync.bfmio.com/ Frame A2F2 0
0 409ms
100ms Document
text/html 52.54.14.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=49ea09a8-ef1c-4837-ee48-208a4a2f098b&gdpr=0&gc=&gce=1&us_privacy=&gpp=&gpp_sid=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.14.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-14-52.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 93
Content-Type: text/html
Date: Tue, 02 Apr 2024 17:45:23 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame ABFA 0
0 78ms
23ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Apr 2024 17:45:23 GMT
ETag: "2052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pd
taboola-d.openx.net/w/1.0/ Frame C55E 0
0 61ms
24ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/w/1.0/pd
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 02 Apr 2024 17:45:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
497 B 17ms
17ms Image
image/gif 2607:ae80:4::25
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 17:45:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1712079923844013-570

GET
H2 200 main_00010.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 118 KB
118 KB 20ms
20ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00010.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C0) /
Resource Hash: 190679c2e42a418127144b87635739550d3ced85642fe2018047b08e6892c580

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:45:23 GMT
content-md5: Rk4TxVJiXwBBDnFjEOyzVA==
age: 11445
x-cache: HIT
x-client-device: desktop
content-length: 120696
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:10:05 GMT
server: ECAcc (ama/48C0)
etag: 0x8DB25569809F719
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: 22aa89c4-c01e-0013-370a-857d4f000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:23 GMT

POST
H2 202 logs Show response
http-intake.logs.us5.datadoghq.com/api/v2/ 2 B
249 B 180ms
133ms Fetch
application/json 2600:1901:0:8a8e::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.us5.datadoghq.com/api/v2/logs?dd-api-key=7854699c55cf56127736e336b120a38b&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:8a8e:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Apr 2024 17:45:24 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
17ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 02 Apr 2024 17:45:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 197581
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 5967 2 B
374 B 17ms
17ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 202351
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 5967 135 B
416 B 83ms
25ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 204 /
onetag-sys.com/usync/ Frame 69BF 0
0 70ms
24ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712079921326

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 17ms
17ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 02 Apr 2024 17:45:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 236495
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 6A6E 2 B
374 B 18ms
17ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&pbt=1&lsw=1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 222707
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 6A6E 135 B
417 B 28ms
24ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 204 /
onetag-sys.com/usync/ Frame 86E8 0
0 25ms
25ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712079921325

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 6A6E 33 B
276 B 87ms
26ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e38e5510ace5a5b11bab95721f5a78402838a6a0941abe95d9b33a7588743192

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 5967 33 B
275 B 90ms
29ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

177acbc07b5869652accf4053f163b7b37d7dd3f8569c93a8c62e90cff53ef7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 692.json Show response
id5-sync.com/g/v2/ Frame 6A6E 251 B
448 B 74ms
25ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

ddd1552af005990ce2f22dd3e8dc4cc3472d413a2a228868a8f141c871aedef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

POST
H2 200 692.json Show response
id5-sync.com/g/v2/ Frame 5967 251 B
447 B 58ms
25ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_755983_19102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

f5f6785cc25ca73379c52d12ffd257fb725429d1dab056c8d3cdb77dfd9f1d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ultrasurfing.com
date: Tue, 02 Apr 2024 17:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je4410v886690812za200&_p=1712079919270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=444144319.1712079919&ul=en-us&sr=800x600&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=3&sid=1712079919&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=ap_page_view&epn.siteid=45157&_et=1&tfd=5987
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main_00011.aac Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 68 KB
69 KB 199ms
198ms XHR
audio/x-aac 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00011.aac
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7374e570a4d955ad958f19ce9a42a5e805ccdcaa5f7e4dbc13346f1e45b56590

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:41:41 GMT
content-md5: 08PUrMNljYnFadHxNRMVYQ==
x-client-device: desktop
content-length: 70065
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:00:25 GMT
server: nginx/1.18.0
etag: 0x8DB25553E9F69CE
content-type: audio/x-aac
access-control-allow-origin: *
x-ms-request-id: c7d21b45-901e-001e-3325-85b59b000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:25 GMT

GET
H2 200 /
sync.cootlogix.com/api/sync/image/ 43 B
355 B 289ms
91ms Image
image/gif 67.205.186.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.cootlogix.com/api/sync/image/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.186.47 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:26 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 97ms
25ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=20dd24da-1317-41fe-bf94-acb780af2caf

0
571 B

244ms
55ms

Image
text/html

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=20dd24da-1317-41fe-bf94-acb780af2caf
Protocol: HTTP/1.1
Server: 212.36.83.246 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 17:45:26 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:45:25 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=20dd24da-1317-41fe-bf94-acb780af2caf
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=995c6936-488e-4bf5-95ac-67c3189ed2aa&google_hm=OTk1YzY5MzYtNDg4ZS00YmY1LTk1YWMtNjdjMzE4OWVkMmFh...
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=995c6936-488e-4bf5-95ac-67c3189ed2aa&google_hm=OTk1YzY5MzYtNDg4ZS00YmY1LTk1YWMtNjdjMzE4OWVkMm...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAf38RfJdOqvWVDrE2G9rck&google_cver=1&ssp=vidoomy&bsw_param=995c6936-488e-4bf5-95ac-67c3189ed2aa&gdpr_consent=&gdpr=0
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=995c6936-488e-4bf5-95ac-67c3189ed2aa

43 B
650 B

197ms
53ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=995c6936-488e-4bf5-95ac-67c3189ed2aa
Protocol: HTTP/1.1
Server: 212.36.83.245 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Tue, 02 Apr 2024 17:45:26 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=995c6936-488e-4bf5-95ac-67c3189ed2aa
Date: Tue, 02 Apr 2024 17:45:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553

43 B
670 B

220ms
57ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553
Protocol: HTTP/1.1
Server: 212.36.83.245 Barbera Del Valles, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Tue, 02 Apr 2024 17:45:26 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

date: Tue, 02 Apr 2024 17:45:26 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=faf593e2-21f6-4c1b-9ddd-d901b10582c3-660c4435-5553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cookie
cm.adform.net/ 35 B
474 B 144ms
44ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:45:26 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 main_00011.ts Show response
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 207 KB
207 KB 455ms
455ms XHR
video/mp2t 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00011.ts
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45157/apInstreamBundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 84e50a065e20f3686e6333c62392486dbea01d1ff235c915f7014879e170cf0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-client-geo: NL
x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 17:41:41 GMT
content-md5: GR2AQdNF9HSPF1ongfuIRQ==
x-client-device: desktop
content-length: 212064
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 13:51:28 GMT
server: nginx/1.18.0
etag: 0x8DB255C600E1618
content-type: video/mp2t
access-control-allow-origin: *
x-ms-request-id: a33ffd75-701e-0064-1b25-85a8db000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
x-robots-tag: noindex
expires: Wed, 02 Apr 2025 17:45:26 GMT

POST
H2 200 track
track1.aniview.com/ Frame 5D43 0
145 B 99ms
98ms Ping
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=39681&t=1712079922&cip=31.204.152.231&sn=&tgt=0&osv=10&bv=123.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=3e7a5def3a9493c2515178202e888228&d63=3e7a5def3a9493c2515178202e888228&aafaid=&proto=https&uid=1712079922401-172024139106-000935-013-009542&stagid=650be2402f68fb908203cf88&stplid=650be2400e428e97720207a4&d35=&d36=6.2.199&cb=92138058757&d39=&d65=IntentIQ_Control&d66=8.5.2&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd5=player_test&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ultrasurfing.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 02 Apr 2024 17:45:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET main_00012.aac
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/ 0
0

GET main_00012.ts
video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403270101&jk=3804468145865180&bg=!5uWl5arNAAYQOWS2MDk7ADQBe5WfOK1Ic8rARXapbbEO63CcwHpL-6-4y_yJBJd3Og2Jlw6_Bnx8vUeZsGoEqJqneet1AgAAACtSAAAAAWgBB34ANWeHoDLlRyZ5piF2b1knF6Y1rz1OSjsgzS2XJarpBq0cGHORV4zQ5NOSbG-qi_Jc8q72dgXFmQKbZIN3OUb5ZVsBTt4IKr8AvBC2-JyKKuDQPQgNpbm27pokIFV9JafnCzrxfQoeYp3v27L5Cjx3wrNJX0j6M6V_-uveYz0hftOTHys26eU0SlsxZvg-xGU1qU2o7a3q3GMmtdsENT7O-wGkXyPjU5kaudRGPT5r2ERfU4tIZJFSUzgM132VtGRmUqmr7VxAjptvpRl2TBrskNDMBozeLOu2bl7wuI6N2JS-7O9nYGRUPyJ8Yf9Ft_vys0W6wHa_5ZQtTnVindKLGsN8LIz4j__03uQyrwZiAGzjQ3qdtZ3s4WoxblIhY4Uf65lUVNfdjh6LvCE8eIJk-E6EAEH8tXR5PatzghbZhDIVRtzlLYH7-cpiKu0HRop3slWSzpcMKqOsvqKwu_j1mgPSL1kvteKL40CcsAv4O8z8_L647YHsd8pOr2uJ4_LVZtIdFGG1YLiXcMU0kpMZeZg143UhfU3BQ9IIW-QzJ0j_wfkkuzUctPO9rKE8i0-HvSmw7dVGwxRYNtJ2h_JI6olwt05dnI4xL2iV0duzyFNVKv-hR2_9A66WG6jLTZEoI8_bo2hm2nrD1JSEHILmmmSb9yBHVAMylsyhxsO4YK6Bi8BAYjoSMl6NygJo_ZSuXHK1O65eEANFre4Yh4xy8s-dm1XcekZHScVK_IqFlF_rOKDleecS04NwaKNXLgRkhFvuzIowzfbX78DYYZCehfbf-tcaoWiNPVCXTcu8Dxdj6JCf_M4LzYsxFmh2-B8h655TjZ-nbPgXmlTCGWYbN3eTjY8fTQeGkYFEDTvKbpL-g0GYdFo5F5hn06v7S6LsoNC3GXFobi-ftt3w32W2H3HHeP4YO7p_yMMJwpiU2Ssbev1VBwFVgzbZ6i6ufXr8q-cZGg

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403270101&jk=666641027462883&bg=!TU6lTgHNAAYQOWS2MDk7ADQBe5WfOHJ_0L2YMEOT_0RhXbjYqkb20-BdXiPczkJTiTxWvWZRQyDN9ILdXELrum8-5rGSAgAAADpSAAAAAWgBB34ANdpEa8k8GbMAjDx3URKyNSKxpKWte-YA3DAfg2ieTA6TNmfIbe4gXXOfhFhC8gnd71BVMb_mCgCgGMaukIMel8upqmIZQrLu99clPY8Xwbs4QDB3zFeTxIVLRvDBtVQ-M_j8ieE7Bnl2ZsOfxMHlTRD6GI5qLCE6PHPPHoM_zFEhdXtXynkI9NHWbwxKlAIe0HavKgQtZr3AdbLJVdydWp77hpylMY_Zbkk2UUqxbS9edxEDlJ76xr36E4K21-qISBAEdmbohNNIBuXliURN-xvql3YrYq7ZV5kCs2mJD30926qA1PLt8c0As-NxSvnoWZvaE0E5PyWE7lrpiwqKKuJ89Tnre45IMVUu0H0t1bQF33JpW2LILYSyr5zpeMI7Ji3RL9oa5au4A2miIRxdneEjoUTgeXSSANJIDPyfGNTJLYRv5ac1hCyVyv9GKfdJ1nVF4tNcdcsDsuqSuYYi6xIiXevrRn-fYenVShOSFDVVQoF0Z7jPqQbtaU5IiJl-ydnXls-6VhrcZnzSxDeQdhv-mXk1CMVUoeNRiEG7ILzeI0DnBH3Bd7iE0atSpSzUyZuUSAhWzLdJ8vpNDq3UmCDsvdRQvwcCZk5vskDf7_y8fNUq7r7MtBOZXVGR2ls_caciM1Oruo02OxHWup7d3T1pG6uun_vMaWTh2R-hyfJtp2qhHX3nL-YAnNjFfAyVdPr6HSWYwysP1AEy5GD4XWdk173bmN0UWH_k5AhieyQjkOYI3HLusuV0qW7UGrIyl1uXodvxQ2jPrrUDj4VRtkG1HUsf2FRBOCzAiArPwR2XLoaIyu6Mn56xkcg0Orm3Vucz2mLGsZPv3gu0CnxqZj3dEi6pzhwwQ7946DHmMjyD8HqJ6zSdvywSYWRiGsZ1rWPUbxXN0hOzzjW2YGV_TBTplwIqrBybfmSU6py6PXj7wLo2UVjJUzSnXGrrTMY3gf_2JpoFRtRVUkdVUARJcPZK-yS95nqu9W4gWNKLDktRINngDtvBIMsRx7a4mSEd6BeGQOxI15-krjKnS9Rzq2F_xaPUtnWwg2_C0yRyeOi37ynBDOv2bPP_Io60Xvk4u09uHrmInHUuVCm0PaHwmQfR0ZCfNP2fRdkPt9sTZftab9any7CCqwu_FqH5ISwctSq6SUP0GuLeXZPi99kq3V9obq9Y6AiSgPnig55POm4WGzEYiqTfU419X2nQxrs

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403270101&jk=747484246602009&bg=!np2lndLNAAYQOWS2MDk7ADQBe5WfOPnvuFAO2kwUKWcGOTmHLhPRYU210m6DnWWF-css24qLoTdH79vEr8x6MLdLtHUNAgAAADlSAAAAAmgBB34ANQ5rLy9zV1avnxRUBTPoQ9YK-W-gp-45492vwGepfKnUN_M-1zHHTeZuT8pSx30Frb9PFOlFCgBomIGWdvOET_N2BOL8o51cMoxiVE94CH2miMEeS_QCO50UrTjXdPhnf201iiZcn3rOdnDE_MK_8vx6XlVuy0zPb-xqA-GvAu7PZLqVMSIN9qh3um8zW5mDHKrKhcK7dw_6VyiD8tqqeRyZArp90CCWBfQPhHSHhC5MmH2ijMVTIdxmrwBcBzEPLUAdQbZUhOrDlTWfSuBCVJEmw9goVxwnzg3i8cGGDG_VVcwuKTTysYMv3gnf0dGaSHMIP8LmocCcBmhVwemc0OT06De-DGADOc86ptJKK7doT9SbjU2kEVW4jglgwmyH8ovw4CSeiaiuMos28rZRbUEHZjQ_eV-Tk0a3CDQkmjeHXFS38CVHrpdErrRRKscz6XAN5nskUe4zSIoyDuMyJgYMZpV-k5GT19kvNNaKBJGrBSfxsL97Q5UtHf9DzbIqH0deTIlnJeRX4m9P3SyEz8BNwz1YgAgH0-iM2GrHbeqvX3zkmmGfxaOhn4MILbqsQsZ0Akl4dxqvdPqrGuGPC0Uozv_LZqY0xWnCqLdWgsLJur_6qHTrmi3kYL8NUbdNUdbvh8X39-jkD2HaOPYoykvz1DYzNGeCoOJBf9g937eg_yx4Odqr4YFChlNeohq6hwa7IL7Lbl48Mt4Bd7lcAj1gG_nfpK82EMk9ibMSGxA87KxvBqg0z2wjo13SyhVEVLDImB_LmSBTx2J9CJKSOjUFOVmBY-_Lpq5zlhnEawPd4kYH_qHoThNasHWlBISDYSct9148MMoCqQKE8xW70vva-75CanV0uQ3V8A53p3Ur-Dko3EcntalKAzq0dOVuC556YMTjxicWdVQGdjMYuGB8PZYCP3vyvk4Gd0pOc8jdiimsYmVQpCW55Q0vKYBwHEIVqv9wL86bByKeK4ND3e1OJ--6K8evF73zv1LHZREniX3gtf2bimcWJ9UOoiTWwaTITHQYhVBDRdV0dm9C2aUJrFKigho2PZ74PjLesIRiE432QWVicCIS0Wkn6W_9oosmPEowBi7n54Rcp9KQEKQmkGDcDkj0z9PB-HN855cp3HI1DUJy8QrGiHk03Q

Domain: video.adpushup.com
URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/eng/main_00012.aac

Domain: video.adpushup.com
URL: https://video.adpushup.com/instream/content/entertainment/netflixjunkie2/hls/360p/main_00012.ts

Verdicts & Comments Add Verdict or Comment

497 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ultrasurfing.com/	1970-01-20 19:36:06	Name: _gid Value: GA1.2.1113636327.1712079919
.ultrasurfing.com/	1970-01-20 19:34:39	Name: _gat_adpushupClientTracker Value: 1
.ultrasurfing.com/	1970-01-21 05:10:39	Name: _ga Value: GA1.1.444144319.1712079919
.ultrasurfing.com/	1970-01-21 05:10:39	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1712079919.1.0.1712079919.0.0.0
.quantserve.com/	1970-01-21 05:04:54	Name: mc Value: 660c442f-8a46c-1fb1d-a1752
.ultrasurfing.com/	1970-01-21 04:59:08	Name: __qca Value: P0-1668579317-1712079919408
ultrasurfing.com/	1970-01-20 20:17:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ultrasurfing.com/	1970-01-21 04:20:15	Name: _pubcid Value: a62683f5-aa00-4159-94de-21a6c207edc2
.ultrasurfing.com/	1970-01-21 05:10:39	Name: _ga_Y4YW22RJ0K Value: GS1.1.1712079920.1.0.1712079920.60.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: p-ssxwRDGeg
.youtube.com/	1970-01-20 23:53:51	Name: VISITOR_INFO1_LIVE Value: _qCChFxd6Ew
.youtube.com/	1970-01-20 23:53:51	Name: VISITOR_PRIVACY_METADATA Value: CgJOTBIIEgQSAgsMIE4%3D
.ultrasurfing.com/	1970-01-21 04:20:15	Name: FCNEC Value: %5B%5B%22AKsRol8UYYL9q4P8n6N2SiciVvzspzgTXTwnrT3YJVZu4ddDafo_n9jd1qC7ySvgmOGaJ1VU2QoiN3-7pmxBlSwC-9cWXYXqKzVFcDYuuVevEF7ysM7FQtcLLbpSC5tseF1eCMNwsI6rgnlLdiwBhi2Qj116US1qDg%3D%3D%22%5D%5D
.jscdn.greeter.me/	1970-01-20 19:34:41	Name: __cf_bm Value: 0bzcU527qwJsqPzcXuZznASZWtdo8gvI2LSYvT1eXG4-1712079920-1.0.1.1-0egacUQCv9s3TUCQNqjI2IkyCiUcFZA525xC49Af2Y2NQHEAFmdqqvjIMsjM7iMaCVHG2zGsKsSK7eronKHobQ
.taboola.com/	1970-01-21 04:20:15	Name: datadome Value: NWrjxpC7k03i9mocm~HDHC~FqzxzG4Q684055mrnVV0HKwEbI6UuspW8xTySCdoTBssoA7zS66sES51c5DG6vh4ukp1nqki0iLfbdtKaZ~Cs2IAfZklcIPOz4nHR~jSH
.ultrasurfing.com/	1970-01-21 04:20:15	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.ultrasurfing.com/	1970-01-20 23:53:51	Name: __eoi Value: ID=9f4fc30f9f417f61:T=1712079921:RT=1712079921:S=AA-AfjZh0pyYrrbW4yTMhuVjAaJ4
.aniview.com/	1970-01-20 20:03:27	Name: aniC Value: 1712079922401-172024139106-000935-013-009542
.adnxs.com/	1970-01-20 21:44:15	Name: XANDR_PANID Value: AcYP3TXo0RjTwz4T-a0H7BfXUze_SiNVOELMAHa5fl7JsYXNabG2F20XG9R27AmzcVt9C0Of0ORlr5S4I8jkIEFecNHnyOMWK4oVpFz1A3k.
.adnxs.com/	1970-01-20 21:44:15	Name: icu Value: ChgI_vV8EAoYASABKAEwsoixsAY4AUABSAEQsoixsAYYAA..
.adnxs.com/	1970-01-21 05:10:39	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:44:15	Name: uuid2 Value: 1881115693980580627
.cootlogix.com/	1970-01-20 20:17:51	Name: vdz_sync Value: f5d1adda-8b46-0f2e-45a0-4a8ecd3a8985
.criteo.com/	1970-01-21 04:56:15	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 04:56:15	Name: uid Value: 6d011150-3d84-4325-a398-aeadf22c7c4a
.ultrasurfing.com/	1970-01-21 04:56:15	Name: cto_bundle Value: z10KCV9NT09EYXZjUFhNY09IbHJMMDZTVkJmM0YwVEl6YjlHREtPdGdhek9SYUlqY3JDT1NmNTk3bWhqd1hvR0VKd0dqM2xIZEdzdTNtQmNlME1jeG1oVWVEV3BsWCUyRlJ2c2lSZVlzRDElMkZkWk8lMkZhcTRNSVEwZjlydXY3bmlwUm1GNlltTnBSeUpyRW5paEdLRnJzJTJGMGV1ZGlLMzN2MjlWenklMkIwWHhFUmQ0aGVKaHJZJTNE
.ads.stickyadstv.com/	1970-01-20 20:17:51	Name: UID Value: 2e74ba36ef55b719c9ee0e47410aa55
.openx.net/	1970-01-21 04:20:15	Name: i Value: caaf944c-030f-4de0-8ece-a44a65d3dddf%7C1712079925
.sitescout.com/	1970-01-21 04:20:15	Name: ssi Value: faf593e2-21f6-4c1b-9ddd-d901b10582c3#1712079925972
.bidswitch.net/	1970-01-21 04:20:15	Name: tuuid Value: 995c6936-488e-4bf5-95ac-67c3189ed2aa
.bidswitch.net/	1970-01-21 04:20:15	Name: c Value: 1712079925
.sitescout.com/	1970-01-20 20:17:51	Name: _ssuma Value: eyIzOSI6MTcxMjA3OTkyNTk5NiwiNyI6MTcxMjA3OTkyNTk5Nn0
.bidswitch.net/	1970-01-21 04:20:15	Name: tuuid_lu Value: 1712079926
.adform.net/	1970-01-20 21:01:03	Name: uid Value: 637535555864730157
.tapad.com/	1970-01-20 21:01:03	Name: TapAd_TS Value: 1712079926175
.tapad.com/	1970-01-20 21:01:03	Name: TapAd_DID Value: 217bbf7b-0793-482a-a567-7e29784bcc4b
.vidoomy.com/	1970-01-20 21:44:15	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJvcGVueCI6eyJ1aWQiOiIyMGRkMjRkYS0xMzE3LTQxZmUtYmY5NC1hY2I3ODBhZjJjYWYiLCJleHBpcmVzIjoiMjAyNC0wNC0xNlQxNzo0NToyNi4xODU3MzY0MDlaIn19LCJiZGF5IjoiMjAyNC0wNC0wMlQxNzo0NToyNi4xODU3MjA0NDhaIn0=
.tapad.com/	1970-01-20 21:01:03	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-21 04:56:15	Name: IDE Value: AHWqTUnPGvpljAE-MMRrf9ZtmVZ_VN9zvyhpnRQYzJPs62ZUVfiZI9ya5FSnHAOoZDk
.vidoomy.com/	1970-01-21 04:20:15	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6Ijk5NWM2OTM2LTQ4OGUtNGJmNS05NWFjLTY3YzMxODllZDJhYSIsImV4cGlyZXMiOjE3MTQ2NzE5MjZ9fX0=

113 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation	error	URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=621cca388ba47d78a102e506(Line 6) Message: Custom state pseudo classes are changing from ":--webkit-media-controls-play-button" to ":state(webkit-media-controls-play-button)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ultrasurfing.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.vidoomy.com
aax.amazon-adsystem.com
ads.stickyadstv.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
b4afb62d9fc9973b06f293e674500819.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
ca33aa7b5644c433e36e8679cd35bbac.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
config.aps.amazon-adsystem.com
d.vidoomy.com
delivery.adrecover.com
e3.adpushup.com
eeb3c924036df7e5e1825703c0e60c80.safeframe.googlesyndication.com
eus.rubiconproject.com
fundingchoicesmessages.google.com
go1.aniview.com
gum.criteo.com
http-intake.logs.datadoghq.com
http-intake.logs.us5.datadoghq.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js.genieessp.com
jscdn.greeter.me
keymap.adpushup.com
lb.eu-1-id5-sync.com
magazine-api.taboola.com
onetag-sys.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
prebid-server.rubiconproject.com
prebid.cootlogix.com
prg.smartadserver.com
proc.ad.cpe.dotomi.com
reachms.bfmio.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
sghb.aplhb.adipolo.com
static.criteo.net
stats.g.doubleclick.net
sync.bfmio.com
sync.cootlogix.com
sync.crwdcntrl.net
taboola-d.openx.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tg1.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
video.adpushup.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
pagead2.googlesyndication.com
video.adpushup.com
104.16.88.20
108.138.6.136
13.35.57.188
133.186.12.49
138.197.53.255
141.226.224.32
141.226.228.48
142.250.181.232
142.250.184.193
142.250.185.130
142.250.185.174
142.250.185.98
151.101.129.44
151.101.193.44
151.101.65.44
152.199.21.70
162.19.138.119
162.19.138.82
172.217.16.193
172.217.16.194
173.0.146.6
178.250.1.8
184.30.211.26
184.30.22.30
185.86.139.96
188.114.96.3
2.21.20.132
2001:4860:4802:32::36
212.36.83.245
212.36.83.246
216.239.34.178
23.97.225.52
2600:1901:0:8a8e::
2600:1f18:24e6:b901:b1da:8e0b:412a:6e16
2600:9000:223c:6000:6:44e3:f8c0:93a1
2606:4700:10::6816:545
2606:4700:4400::ac40:911d
2607:ae80:4::25
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:2b::17cf:d25a
2a02:26f0:3500:2b::17cf:d25d
2a02:26f0:3500:f96::2c79
2a02:fa8:8806:13::1460
2a04:4e42::649
2a0c:5c87:5241::2
34.111.113.62
34.237.162.144
34.248.72.127
34.36.216.150
35.214.149.91
35.227.252.103
35.244.159.8
37.157.5.133
37.252.172.123
45.133.44.3
45.133.44.4
46.228.174.115
51.75.86.98
51.89.9.252
52.19.185.1
52.54.14.52
54.155.211.205
65.9.66.68
67.205.186.47
69.173.144.137
69.173.144.165
96.46.186.186
99.86.4.128
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
01487e96b12cc31403104866bad3b9aedf7fc87133c20a40cc1ab45c4610952d
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
02ce1cedcb3a94243ea94b9bce738875bc5e2404f996933694cd28a36862035a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0bcb8634acdd25792d3f9bc12a1963dcbc58329daa25e10bf381c5fe063316c3
0e8dc498aac93dfaac0be1a3826279937bfaa9f7b184942e0d82b6b9059d6de7
138f07e0d5652d5a896e9c9a24422f660140919b661fd24c1a7b3fff516df90c
15cd30f67323d290fbf1a0dab776072d45cb0aeca18f7464079f92dcc9f57a05
177acbc07b5869652accf4053f163b7b37d7dd3f8569c93a8c62e90cff53ef7d
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
190679c2e42a418127144b87635739550d3ced85642fe2018047b08e6892c580
1a3c73cdb200ce67d2ed7bf434bbfe2f7c16912e326f4ea1bf9ffb7d37bc3ad7
1c261ab4dace4aed640d9bebbbc65d51c96c0d088c698af3d881317e0287e765
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ccb175aa6e7697d3b5af751d08d8f13901853313945ae97c7345f50e1e6533f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dae73580dd1bdcda70c51b86962fdc95f502c58bbdae06984df2ee07df5f351
1e3323c87ebfa44d7e5804d548f651c5597e8851125ef482f9d3d03ce5d12f45
1ec54f542dd65d2f3518d9bc1db30d16e79615feff3ec8ef98b01ea0e8ba4730
2060f51d78e71f3b5bebb6e271ff92c687e297cff1b60fb4a7375b25e3ef4fd7
20c0bf147829a22ab2c9b9a6e4f485bb63fc071ecc19685c00b37bbe4a9cef6f
20e1196c7473ea2e5115591f65b58f6f5e8403e1ff2fdcf393b7e8ab7446435d
21dc050ef5ce7ac6168e411225d34d0bcbf1f7af91ad1580678c499d337dbc0e
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
24deb8c2391451cdf3a4663d0359e0142fd1f3602d195da17f15279fcc6c3ae8
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27d4c1a420786311e0cb128323351377b630c9b9e8d8a1470d9497daa4ecb708
280329263a8a5ad67e0af11a604f8b8ed18f2c9448bf5e24012f5d11691e972a
2b7b36a195b3969b0a9dfddf9ec1c4d45e634cb19321887e2beb5a03bd865001
2d17e7c7373031e4f641073c01fd997368110f62832b986c502ae106c972717e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee3ed6ffcda00dd5267c80cac29a17218e1629a751b15e47a4b6067c7e0f45c
2eeedd56fdded69bf02bd8f1ab0d47480be5d05e59451974333829d5d1474c45
30c72624d4b0405cd9a4af1a43365f357f79f6313359bcc8457735135d7f81e8
3115bbc6f22888131b06d9d6b848351a12e5379bae4abdbee9e9cea1e99c823b
317bdac48ddf85fa16430919a8c2a68c9b0e3015e01ee1d808df67aedc4e0a26
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
341e22b5267494a92af6db2666f7e4d5c1c698fc8e65e6c5756c88d953314e84
3535c4a5bffc13ae18520d4021db2dce63cdcc64e198ce4c8a0d3baa2312ddb2
360b3d414fd9d19ee10c4e8e06136c7849a4dcc487723201f53f65c01c642098
36c961d4bda3e7a6336735fa062d8ea741379a63a0c442ca85e398d2b253829f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d5ad5436e94b42cc6d86048c4d3886a334d53c07f9967b7126d656339eccaf
39eb063d4cd122800b6954afc22997ca48df3a5ea076817f5c5c4431b6d27718
3d2d289443edb10359c5a2a139e52cb6e16c5790d636e383d492d32698c7796e
3f97d39fb338688fc6cb9094776a4cfb20c3e919352f2e4be72c0694445cd76b
405d9ee7e5a58935c19966f3f37287fc3ff40ede709b15567ec273db9d10b05f
40c6f803da5b5eaea1bcecca442170ee74786c40a87b5a5ea59ec22427edcd1b
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444048908ccf23f6e101dd87e33e21db8ff89b4d2e468f4b50fdb0272753a867
453652b8b27fc8862c74e1f1698119d0d90b9a3ad20622067cf4324f839d2307
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4a5bf872f5fdda6aa8e58482b68e6f86380023b54d5365afd0ba3ab4b539fc11
4e4bced464a4a37d57e50c84136d238ffea85457d194f276402eec637bd5c0b1
4eb6c7f2a7aa454348f2686a2e9548d31046be45fab02357fce6da2925f032ef
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
52e0074f60a4acacb7b3086c13ebbd2780173abcfec52a912fa435f265aa2880
5386b237068a97d747f16598ba0e764fa07eb92a68b8c49f4ac0ba5176d1eb16
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58a56f9503bc87e93fe41b7a68f368a075e6c294194bda61957280025683e859
5910fa2b14f49be0ebad39542c1bf8405b12ceea073230cc788aa770cd673ad6
59677a1aa0d7e375e7ffd218f48c2563da4c14db80ba02f46ddba9bafee6dde7
5a8d6dc0a2d5e85aa273eb4b7f06eb6cb64707786c77546070d1031643bd6681
5d36cb05c0704ebbb892e62402be4753072ee56467c3f138793af04744c446e4
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e47d3be3e4dfcb346bf00719caa539112b09801f6791419a77b304c63ebe9b7
5ea13a2f0a0d20d4296a059e3a2cd946c3d627ee8c88dfa897d3c8c2f143de8b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61604f28cc80dd4a34a2cb58e1bd447da291143e23419613e6edf4bb807206b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667638a38b57298a015cb48616f479cf3e122f18e96bc9cd81d1467b3152769c
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66f22eccc4875c142219d1f10790a52b9baa3a175ee9ff687e8532757c46cf28
6814f4cd01182679689e397989e5be9bf3cbc631889dc131c2530ce603b1af4a
6814fd06e3003ae0a0970fdd3a7b59e91cf3e8afa3fec26ef2efa38f73cb3d72
686e372edbf0cf62df56b24346275f6a35cd2b2cd88f19328d0b965ee94bcf15
6df16b9d1f923f1c810f639b4338f7f518909b3e7dd84a82590604b75e3f9933
6e1316222d75aba1371f57a96fce3a907e8b3d72e070915427d8a3d36967bdc4
6ed7c1bf67d889f3266e58e90060d187a4051dc564f1246db35505a743c77872
6eff22ceb7e7d8422a182f2d1ad96b572ccb58cb72e6fbf729ad338e4a524077
70ee952a13312d09feba4f1c3adb8faa159d210962789923d9bb907b5a98e4c6
70f215fc5d897590c7ea0aa8348e256e877ec4346adf67da8f6c40bc5cea26e9
71626abcd474cd1ab25aa26ce0080cf646ba532a082d16dcbe8b3511641bba1b
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7258669d60954719ded954c2518b225155fb31738bb2ac378b44d139fc55dc20
7374e570a4d955ad958f19ce9a42a5e805ccdcaa5f7e4dbc13346f1e45b56590
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75a4df7ae1563d685176d68da22828004eaf1575c29405edfc455ca8f6658574
7877f49ee097a894a425781df5e97e312fd1f2f5d4d221c44975b1cf7c6bceaa
792223dfab766d23d8600984dbb409ecd9a14b685fc49d61b6b110f46a28dc46
7975737dcab3e98655844dc1338ece0d9019246e668f0962f0b0577af1c597e0
79843e768129bc54db15739806c3d973e3d7b3e97c9ac58100c657d071f56fc0
7a177cca069c8a8133e0a364b5b9db956c5b7617a2e9c8d20e62362d1f4a5aa4
7a518845f31d0b18d7270eeb2843c7484cee5af9db21bb16351bc9d9b116e249
7cb558b096de43381ea12cbb5835a8ad210205e0e189e65bc4343ec23de06fb6
7d9103ea1caca69d25df079a4e2bb0e7d28e65ace41696aae5657771875e73c9
7dbe8a337504e0cd49b1763d49cc83d4d84abc84c2df5233deda38909b1fed6e
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e50a065e20f3686e6333c62392486dbea01d1ff235c915f7014879e170cf0b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b23baf061bb9f036d8e4992bafb1c99fc379dc6d964f9690586a7eceb4e25f9
8b33fa946a38e60349980c5e9e0bd3c575c508b0a4cc84e225dc470c1a76167e
8b405c674805d79556afe5773e2b764de42ac76e314747148082803be8e67071
8b5a5379064d6459caea21d3dc3a2de56ed1f0c26ae2f2cd23907be645999ed2
8cdd7bd82471b5683491a3ebc8b1e3f8e640e679bd5bc4f16d9bc45cc42021d6
8ef4aa2c41ee3d8150399dcb233339fbd1d75c1b1bbb3153a6bc28f63faef919
90bb36c4c0d901feb3f32e1c95032cf5521bc5fbe675bc91100e31ee27f93643
921c7e2005e97ca90cf67edeea19d6bce1f83d68cb3f77dec7557249373f1686
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
993b6c12ec96c3b5ed2b09656c8d6299c508bcbc43449a8540f0104f2473eeea
9a1199fb31d9eb51d799feafa3e85ad79e1f84332a8275b013d9f1323c307199
9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8
9f65ab34c39e281e5b994bb2aa1c2987c1b0a12c938bc9bb7490ba85ca12bdc6
9fab174f5f557a25dc9a4d9f5364b533b2d318315499624e8eeaa6a6df923c7c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a234e14e4140830e1a6f309d5805f8423d41e40c601f285eb6e00707e396e646
a347a273154ab74858bf90d5700e06b431498653da3902896fc7ad7e42fb22fd
a39b39996eac9f310a281345d603ba8b078f61442393110910a38a16e105f094
a585caf08693df1bcbaf10f0118dffe3a702e7acfaaa19b3ae82c25845f45522
a605872c10af59dccb04b7466b536181c78c30b8f7532d895183f7341c8d151f
a699f7a698c12eded511af476ca4e70e367fac38e7224278f906d54ad24b4e46
a703d3f434f3922de9d7419a383c9b391a94fc391f9f2bc99f777ca3d4465357
a830e0435b36c6bc45c704642950745f667fb12f182b911c0db6b646c4020bfa
aa25b37ed2342b975cc43d9f15c913012dd69417702e8af3cc219574f557fd5c
ab4f160d5e692a6472ab9ca6678900a8313644fb63140b42026cb8b3075e551a
ac67c4c64459f243337fd1acd0f9f5884407755db33357382446eccff49080ef
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28c3181c149b11260684c4f1fab1f5e3c0e287313f09c2c8ca28aa9ae4ab9b1
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b2eab8c6e0f378c6d9adbc9670e53af207a4cb16be5dadfc1728af63ee343d6b
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
b9b145700ad5d17ebabe662bb5e22e34eab0abd86e2b7f59a483d7be0db3a5ad
b9f40d9bc102543dfc95404f0ccdaa7605adad82580ecc617a1078c2927ad9b7
ba335f7fa2d3d48deb59dbaca6fd1c45838d6e2fcfc13765009ac677ae27992c
bbce122f46571712f2aedfb8c5c552328165ec14824008365cc81c08fba0158b
bc16257ccdeec4fda803b27d1219445acbc964d5f5b2e792e8e5d9ccc4061632
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
be7d7f91d35c596c975c8d19c8bd0e1e5208491225aa332362c3b0abea9c01a4
bfacea8e1a606d91c5206c1309219fcd784e90a297e2cfe8e528201dcc44501e
bfc22aa61526b54bd655a11d628c6a6522c714fd355633936052ffb93368f397
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c54b4f2646be8a0cd7aeb5db1c6d43ac798de663e034576ce6cf1195da1161dc
c61902f54255238f30b59f46a3687e46ccdd93a945b9f106a5f4dfdaccc623cd
c7b049c145ebb1fa294c4e99795b1f92876a8c589ad071c735a757cc689ee2ea
c96995aa2471d053bba8a090ead0f5db26f122c8a7afb66d888e298e088ea1ff
caff4a3d0519361a0357e17e12b528e800a7a9188e42cb0b3408c34d3e67a47c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf37446ea1ee83a3fce3f04bd63d69bb12d619e8e4c359540df4b94638daf74
ce43d2dd0428e227f36dd0c5eb187a1e20698c13a3812304980a0415838de739
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf19ea90dc75749477a40481190a3d6aa587542d7fb06f557fa6a14e01cece71
cf4fb2f01d9cf9dacc86bde88160ba3a8eb5d81b95a5a6064075d246404b4c80
d0739a8b185be75f76121b77b42f70b603a861840a66f35fdc73824b0ebab09b
d0b7f42876baf188f84ecb69cbecdf5f336350062970aebba9edf1d5a579fbf2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d21c993033d528a5c7b46ec8d39524bdeb90a1f5eca1b951222ee36bc72b7198
d2fcfc84ef54655a991fff82757e3cfac528c20a14698287dec0675b0a0d6486
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d7794ece2bfd09b233bd749f9de8ac20bd78f713c898214457a433f8bb14f795
d9ffff591407444da88adf6bdbd46fb28d042dc14ea45714651bb9c9f9ae190c
da50891ffc42d4c1579660f8495c39f0120342c869a96f7fa265333e131745d0
daa5b467932b8ffb3046744ef6bbc794c15df6d37a55e15229e6d771ca5ed768
dae0172585ae1755d6534a5d3e1ec6a7425ea5522ebd469f7d24870228a8f6c6
db1bfa42d673b3646e3c8577f23d3983c7ce95afbfe05a6d215bd9ed1c72f052
db8baa5999a34e67145c103a5059e37991adfee11b1b7a90b89bf9fe96f0e582
dc38d07ed2c0cf6079799000c1d629bc0a154f413eda7377bfdb2eeac96ed996
ddd1552af005990ce2f22dd3e8dc4cc3472d413a2a228868a8f141c871aedef5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de656249f82c6a2857c048d1f2670b1407aa1494be635b53ba3f6f4f92ecf73e
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0a9c30bcf30079668c1566444772bd4d12e78dab6aa08548472d65d7990077d
e23caab6e354f99aff7f78665c13d4e121fe68286891cf968d19161bf101759c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e38e5510ace5a5b11bab95721f5a78402838a6a0941abe95d9b33a7588743192
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
e9e05cd85d3088530453443f83b7258a668d25ca53d5555db0fab38ba6cb154c
eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee7b7eebeb9414b269cc07600d99854b311cbc8ba493264380b6b7704bee77e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc16c9c599b52ddf11338ab791b2ebf2e696e7d366753222dba7aabcd7b5f64
f05d12d238f369860eab896e680d82ed9ab09ac6952eead792a388e538016c8e
f0c588373d2268b48b094398de24d1c1e9b1e81313e72ab6dbff8346bf097019
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f2919f125df5dc47bd7936d5ec7f32aec7d5a0e6b5f7ae830c0e408d8892e80d
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2b33df5149000b512c5cbb2d2c285370abddbab4e1a3839b9e9a275ab405eb5
f39dfa0cc3f91f4f69318a68d1ce30e2ebf836d591b49878ca896c6011574a51
f3e9c637b253230955809039eeba7142917296f316ef3413c152eb571611be56
f4795d12882bf2a88f67576f4af38e0060377b1fa5cf1575e5f53d0d96552ace
f5f6785cc25ca73379c52d12ffd257fb725429d1dab056c8d3cdb77dfd9f1d22
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f69a21a9a1f6c409371c7333161ee16884e6b2a3704d3421f4061cbc28ffbc63
f783c693720a89bd8c14afdca7f721155310840aa1ab7f361632f72797934dd9
f9747335e73dc0dfb3f03d8648ffb9a176c062624f2b99d5ada6c6f3ecbbf40d
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbcb62733abf849b714f71057c7e912843e1762f50cabcdc3e7c09cb96d95183
fe0bc6e11b87847e1d4a25d4316cc5ccb11e87cf779a542dd421f0f325179121
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8
ff4a59a1e763c94313fc6e3e617ca1fc4a83c32e23e37304b623744a610537e8

ultrasurfing.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

359 Requests

96 %HTTPS

34 %IPv6

49 Domains

90 Subdomains

78 IPs

12 Countries

8061 kBTransfer

21805 kBSize

40 Cookies

40 Outgoing links

Page URL History

Redirected requests

359 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ultrasurfing.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

359
Requests

96 %
HTTPS

34 %
IPv6

49
Domains

90
Subdomains

78
IPs

12
Countries

8061 kB
Transfer

21805 kB
Size

40
Cookies

359 HTTP transactions
20 data transactions