URL: http://ultrasurfing.com/
Submission: On May 11 via manual from US — Scanned from DE

Summary

This website contacted 88 IPs in 9 countries across 57 domains to perform 311 HTTP transactions. The main IP is 2606:4700:e6::ac40:c516, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 338016.
This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
10 151.101.65.44 54113 (FASTLY)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 4 13.224.192.181 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
78 151.101.1.44 54113 (FASTLY)
2 13.32.99.105 16509 (AMAZON-02)
2 213.19.147.42 26120 (RHYTHMONE)
1 18.66.122.63 16509 (AMAZON-02)
4 185.89.210.153 29990 (ASN-APPNEX)
1 147.75.84.158 54825 (PACKET)
1 3.73.41.176 16509 (AMAZON-02)
1 51.75.86.98 16276 (OVH)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 52.211.18.51 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 216.52.2.30 32475 (SINGLEHOP...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 178.128.135.204 14061 (DIGITALOC...)
1 52.29.92.162 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
1 2a0c:5c81:514... 55081 (24SHELLS)
2 2620:116:800d... 16509 (AMAZON-02)
2 2606:2800:233... 15133 (EDGECAST)
1 18.66.138.185 16509 (AMAZON-02)
1 23.209.22.22 16625 (AKAMAI-AS)
1 65.9.66.122 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 35.171.176.233 14618 (AMAZON-AES)
1 35.171.180.138 14618 (AMAZON-AES)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
15 141.226.228.48 200478 (TABOOLA-AS)
1 2 2600:9000:223... 16509 (AMAZON-02)
2 52.31.89.240 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 162.19.138.119 16276 (OVH)
3 162.19.138.116 16276 (OVH)
2 34.117.132.248 396982 (GOOGLE-CL...)
1 2600:1901:0:8... 15169 (GOOGLE)
1 44.205.127.242 14618 (AMAZON-AES)
1 104.111.217.42 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 142.250.184.198 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
5 52.223.40.198 16509 (AMAZON-02)
4 2a05:d018:d29... 16509 (AMAZON-02)
2 23.201.255.110 16625 (AKAMAI-AS)
2 3.121.1.231 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
18 95.101.148.20 16625 (AKAMAI-AS)
2 2.21.20.138 20940 (AKAMAI-ASN1)
9 23.35.228.23 16625 (AKAMAI-AS)
3 151.101.193.108 54113 (FASTLY)
8 185.83.142.19 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 7 20.101.38.191 8075 (MICROSOFT...)
1 7 104.111.216.201 16625 (AKAMAI-AS)
1 1 185.89.211.116 29990 (ASN-APPNEX)
3 5 142.250.184.194 15169 (GOOGLE)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 3.75.62.37 16509 (AMAZON-02)
1 8.43.72.98 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
4 2.19.244.27 16625 (AKAMAI-AS)
5 6 69.173.144.165 26667 (RUBICONPR...)
1 2620:109:c002... 14413 (LINKEDIN)
1 2 52.46.143.56 16509 (AMAZON-02)
1 2 54.239.38.253 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 40.85.112.191 8075 (MICROSOFT...)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
311 88
Apex Domain
Subdomains
Transfer
107 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 990
trc.taboola.com — Cisco Umbrella Rank: 657
trc-events.taboola.com — Cisco Umbrella Rank: 1941
vidstat.taboola.com — Cisco Umbrella Rank: 2777
am-trc-events.taboola.com — Cisco Umbrella Rank: 16166
images.taboola.com — Cisco Umbrella Rank: 2040
imprammp.taboola.com — Cisco Umbrella Rank: 14139
am-match.taboola.com — Cisco Umbrella Rank: 14462
wf.taboola.com — Cisco Umbrella Rank: 2914
am-vid-events.taboola.com — Cisco Umbrella Rank: 13263
vidstatb.taboola.com — Cisco Umbrella Rank: 5371
pips.taboola.com — Cisco Umbrella Rank: 1646
cds.taboola.com — Cisco Umbrella Rank: 1909
am-wf.taboola.com Failed
6 MB
32 media.net
prebid.media.net — Cisco Umbrella Rank: 1430
contextual.media.net — Cisco Umbrella Rank: 635
warp.media.net — Cisco Umbrella Rank: 2557
lg3.media.net — Cisco Umbrella Rank: 5916
hblg.media.net — Cisco Umbrella Rank: 2153
484 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
185 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
cdn.adnxs.com — Cisco Umbrella Rank: 1649
ams3-ib.adnxs.com — Cisco Umbrella Rank: 7955
secure.adnxs.com — Cisco Umbrella Rank: 440
acdn.adnxs.com — Cisco Umbrella Rank: 611
107 KB
16 ultrasurfing.com
ultrasurfing.com — Cisco Umbrella Rank: 338016
119 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
4a904a185e45baeb853260f4918ec5d8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
46 KB
12 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113
token.rubiconproject.com — Cisco Umbrella Rank: 600
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
15 KB
9 neodatagroup.com
c.neodatagroup.com — Cisco Umbrella Rank: 29625
tra.neodatagroup.com — Cisco Umbrella Rank: 25893
tracker.neodatagroup.com — Cisco Umbrella Rank: 28041
19 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
119 KB
7 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1097
6 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1102
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
110 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2767
a.ad.gt — Cisco Umbrella Rank: 3173
4 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
789 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
id5-sync.com — Cisco Umbrella Rank: 444
19 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4217
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1195
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
12 KB
3 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 972
x.bidswitch.net — Cisco Umbrella Rank: 324
530 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
209 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1377
104 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
105 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2195
592 B
2 bcovery.com
tempnextstat.bcovery.com — Cisco Umbrella Rank: 123119
83 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
804 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1077
1 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
450 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1129
pixel.quantserve.com — Cisco Umbrella Rank: 945
10 KB
2 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 25748
p2.gcprivacy.com — Cisco Umbrella Rank: 22560
10 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 755
163 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5171
adservice.google.de — Cisco Umbrella Rank: 7680
939 B
1 youronlinechoices.com
www.youronlinechoices.com — Cisco Umbrella Rank: 63525
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
798 B
1 gstatic.com
fonts.gstatic.com
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1 KB
1 cloudfront.net
dpjgrnd6i7dk0.cloudfront.net
42 KB
1 teads.tv
at.teads.tv — Cisco Umbrella Rank: 4895
338 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 4194
473 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2041
250 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2665
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1194
17 KB
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6379
2 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 533
555 B
1 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 17746
172 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
403 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1307
258 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 661
225 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
567 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
363 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 983
276 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
1 KB
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 125
455 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 17836
260 B
1 increaserev.com
increaserev.com — Cisco Umbrella Rank: 135140
171 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 agkn.com Failed
fid.agkn.com Failed
311 57
Domain Requested by
56 images.taboola.com
20 cdn.taboola.com ultrasurfing.com
cdn.taboola.com
18 contextual.media.net increaserev.com
contextual.media.net
ultrasurfing.com
dpjgrnd6i7dk0.cloudfront.net
16 ultrasurfing.com ultrasurfing.com
9 am-trc-events.taboola.com cdn.taboola.com
9 securepubads.g.doubleclick.net increaserev.com
securepubads.g.doubleclick.net
ultrasurfing.com
www.googletagservices.com
dpjgrnd6i7dk0.cloudfront.net
8 ams3-ib.adnxs.com increaserev.com
ultrasurfing.com
dpjgrnd6i7dk0.cloudfront.net
cdn.adnxs.com
7 lg3.media.net ultrasurfing.com
contextual.media.net
7 pixel.mathtag.com 1 redirects pixel.mathtag.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
dpjgrnd6i7dk0.cloudfront.net
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ultrasurfing.com
5 cm.g.doubleclick.net 3 redirects eus.rubiconproject.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 trc.taboola.com cdn.taboola.com
4 token.rubiconproject.com 4 redirects
4 hblg.media.net ultrasurfing.com
4 tracker.neodatagroup.com 2 redirects
4 pr-bh.ybp.yahoo.com am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
4 gum.criteo.com 1 redirects increaserev.com
4 ib.adnxs.com increaserev.com
acdn.adnxs.com
4 c.amazon-adsystem.com 1 redirects increaserev.com
c.amazon-adsystem.com
3 tra.neodatagroup.com 1 redirects
3 id5-sync.com cdn.id5-sync.com
increaserev.com
3 id.hadron.ad.gt cdn.hadronid.net
increaserev.com
3 fastlane.rubiconproject.com increaserev.com
3 www.googletagmanager.com ultrasurfing.com
increaserev.com
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 s.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 i.clean.gg dpjgrnd6i7dk0.cloudfront.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdn.adnxs.com increaserev.com
2 warp.media.net increaserev.com
2 qsearch-a.akamaihd.net increaserev.com
2 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
2 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
2 am-vid-events.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 ad.doubleclick.net 1 redirects
2 tempnextstat.bcovery.com ultrasurfing.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
increaserev.com
2 rules.quantcount.com 1 redirects
2 trc-events.taboola.com cdn.taboola.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 c.neodatagroup.com ultrasurfing.com
c.neodatagroup.com
2 targeting.unrulymedia.com increaserev.com
2 sb.scorecardresearch.com cdn.taboola.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 vidstatb.taboola.com
1 www.youronlinechoices.com
1 googleads.g.doubleclick.net ultrasurfing.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 acdn.adnxs.com ultrasurfing.com
1 fonts.gstatic.com fonts.googleapis.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 secure.adnxs.com 1 redirects
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 dpjgrnd6i7dk0.cloudfront.net increaserev.com
1 imprammp.taboola.com vidstat.taboola.com
1 a.ad.gt cdn.hadronid.net
1 4a904a185e45baeb853260f4918ec5d8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 at.teads.tv increaserev.com
1 id.crwdcntrl.net increaserev.com
1 idx.liadm.com increaserev.com
1 lexicon.33across.com increaserev.com
1 pixel.quantserve.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 p2.gcprivacy.com p.gcprivacy.com
1 cdn.id5-sync.com
1 cdn.hadronid.net ultrasurfing.com
1 tags.crwdcntrl.net ultrasurfing.com
1 secure.cdn.fastclick.net ultrasurfing.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.quantserve.com www.googletagmanager.com
1 ghb.adtelligent.com increaserev.com
1 tlx.3lift.com increaserev.com
1 rt.marphezis.com increaserev.com
1 prebid.media.net increaserev.com
1 ap.lijit.com increaserev.com
1 rtb.openx.net increaserev.com
1 ads.yieldmo.com increaserev.com
1 htlb.casalemedia.com increaserev.com
1 onetag-sys.com increaserev.com
1 grid.bidswitch.net increaserev.com
1 prebid.a-mo.net increaserev.com
1 p.gcprivacy.com increaserev.com
1 www.google.de
1 cdn.jsdelivr.net increaserev.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cloudflare.com increaserev.com
1 cat.hbwrapper.com increaserev.com
1 increaserev.com ultrasurfing.com
0 am-wf.taboola.com Failed vidstat.taboola.com
0 api.rlcdn.com Failed increaserev.com
0 fid.agkn.com Failed increaserev.com
311 105
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-26 -
2024-03-25
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
cat.hbwrapper.com
R3
2023-04-02 -
2023-07-01
3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3
2023-04-07 -
2023-07-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
www.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02
2023-03-01 -
2024-01-28
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M01
2023-02-23 -
2024-01-01
10 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.a-mo.net
R3
2023-04-13 -
2023-07-12
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-05-09 -
2023-08-07
3 months crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-03 -
2024-01-03
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-04-02 -
2023-07-01
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
*.hadronid.net
GTS CA 1P5
2023-04-11 -
2023-07-10
3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
sni8045gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-08 -
2023-12-09
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
*.id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
tempnextstat.bcovery.com
GTS CA 1D4
2023-04-14 -
2023-07-13
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
lexicon.33across.com
GTS CA 1D4
2023-04-13 -
2023-07-12
3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01
2023-02-21 -
2023-10-29
8 months crt.sh
teads.tv
R3
2023-05-11 -
2023-08-09
3 months crt.sh
*.google.de
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
i.clean.gg
GTS CA 1D4
2023-03-27 -
2023-06-25
3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-05 -
2023-07-05
a year crt.sh
youronlinechoices.com
Go Daddy Secure Certificate Authority - G2
2022-07-02 -
2023-08-03
a year crt.sh
neodatagroup.com
R3
2023-04-11 -
2023-07-10
3 months crt.sh

This page contains 20 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: B13D57826CDA6F4A8D8EB4F3FF5E329E
Requests: 202 HTTP requests in this frame

Frame: https://c.neodatagroup.com/ps-topics.html?sid=2033
Frame ID: B83E43EA287E56C7B4FD7D5FC421DAC7
Requests: 1 HTTP requests in this frame

Frame: https://4a904a185e45baeb853260f4918ec5d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F122F176A2A7CD45719D8853D75F7C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07BCD43379C2EF557B795F6CF9598684
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5177CC11D6F8A139615FB2052A9030F6
Requests: 2 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683835587972&uv=3275&tms=1683835587972&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=91095f79-cb40-4588-94d1-c29bcace532a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C4DFEE15F956739E004EABE62F7270CE
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 472E08256480F6685FAB62DC12C17392
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 5FAFA9941B3AF8DBC95D588CA4445796
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYHXplefRe-kbSIIRiI4bFvpSh1OafkUVxkR6z3QbxkFzajsyaR_vgOf-j1tqqyeayMh39RJw8_yi9ZEve0U3r_C6GsL-HOUf4W4QNEDATwuVi9rmyFpF7gMh1YCIXNZD4tC33KsRH0y9b_70sVyoA0O3Prp0YxPz9h8jrotu897g64a2goSJmqXMeffPruK4sIRJTW6MeDctAfwabd88wIBwC5wDH1AAnWPohBDgFljv5jDYEeZHDFdF0bDgzmWP4eQ353s27Pu6adqMox6nDo_RCKvC7uTgZq81YFF5zpUamiu0TVK_WkzqcdmeBAMhhDDvuZojvyRmQVLBho14_ZDSfX1M&sai=AMfl-YRnkCmg1rRcIVyCzkZyq0cZUegtl-aNTXzE1ZUB9ZcYqnxs5c7iefQ0NV4ioqWH5sXLTpFc45Xz2HMcIjOR5eyXjpfflPOAdiaKUO5pp5JKgB1pp6VjmjvtF80eWVhSQj_wL5O17AQ23jUH9l0&sig=Cg0ArKJSzF6NslKUgbuYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 133B014FC9816EA02F2075809C33D471
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 8BE82E0184476EFAE44610C82E3FCA28
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN8wtgkcSxJViKkgLL_AsenVdQZKyEGMiGVC4HnYxQcgPToA4lCjztN6T4mZ6SIar95R_2pdydwA9Rl1J3rXdq813Cs5c_SiRP4maW4puFYMt-YWT-jvR50R9BsNipHJisS25owMc0QLjXw_MNI5rsmgS-GsDH7XxX05aSB96JBMc2Qi-MJKvsosxu30gaphZG9D8z9jxXpKdlx46Do1amYnGTQ8COmRzEHOigDg8ztjy5ZnvWMkOZvEZPN700U5CacQaACg64wKGYCGAIMKz9XCNeymHezRxaibQzUGkYoFHvB7zpxVcOLhVtXkqu13bf7Yx5By6TU1eMz60eTrPw&sai=AMfl-YSrprpwjB4OXpwyFIkEzdhsfVzyz24VYVu58hm1CA9ky3xGV1ze983LXIPRX3iqBzHT3jInPMZ7CT2089MiVti9YCLBDaJoA1assudkb2W-h2i79XsCyR7A-RLAN9SS8_tgLr_LzwHSX_oLZ10&sig=Cg0ArKJSzJeJQiO4DZCkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 02AA04DE2CDF0356AB762EC3EADAFC98
Requests: 17 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Frame ID: 24F8914383C0999F206F77D0AE75B13D
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 338E2837072E408BAEE47ADFE4D2C619
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 80F7F75CE5FDF0B1674C795C02A9CDFE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Frame ID: 506582F94B063B00CB22CAA97EA9A8D5
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588872392107&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&perf=1&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: 39FA5FDB3275C22140A7F2E24BC7AE67
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 107F0CE1959311AC9A76BD0AD085FA61
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B1814A2A2C0117D0604C9100640D9FFD
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
Frame ID: AADBC13E1859C2C9C0E395D7593FC8C4
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 9E0A56BF8BABCE01A31840AA88682018
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

ultrasurfing.com/

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

311
Requests

83 %
HTTPS

39 %
IPv6

57
Domains

105
Subdomains

88
IPs

9
Countries

8299 kB
Transfer

13839 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://c.amazon-adsystem.com/aax2/apstag.js
Request Chain 60
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
Request Chain 66
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Request Chain 69
  • http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js HTTP 301
  • https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Request Chain 110
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CNrNwbCI7v4CFXLkuwgdouELDA;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Request Chain 190
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1092966682000&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=6a914654-6fed-416d-a36f-88694a31f015;pubcid;PublisherCommonId&pbs=true HTTP 302
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1092966682000&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=6a914654-6fed-416d-a36f-88694a31f015;pubcid;PublisherCommonId&pbs=true&neoid=31018d81dee05d0
Request Chain 191
  • http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000 HTTP 302
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000
Request Chain 192
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1092966682000 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=5244989658897313269&rt=img&rnd=1092966682000 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=5244989658897313269&rt=img&rnd=1092966682000&neoid=31018d81e1a05aa
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1092966682000 HTTP 302
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1092966682000&google_gid=CAESEL2sfQ1YbiauLJgljV25iNE&google_cver=1 HTTP 302
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1092966682000&google_gid=CAESEL2sfQ1YbiauLJgljV25iNE&google_cver=1&neoid=31018d81e2205a3
Request Chain 195
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=1092966682000 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1092966682000
Request Chain 209
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ4YTFkNmIzYzE2YTVlNmM2MWRkYzE4N2VjNWNkNzViODA0MDQzYQ&gdpr=1&us_privacy=1---
Request Chain 210
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/q2RDFfXA-sxlN2EvlI1Uisn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
Request Chain 211
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJK8E7W-1N-E7QT&gdpr=1&us_privacy=1---
Request Chain 212
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhKSzhFN1ctMU4tRTdRVA==&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEHR0BTddmNy7NZIQQj2RRs0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKSzhFN1ctMU4tRTdRVA==&google_push=&gdpr=1
Request Chain 213
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 214
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECvYQvjhwU33fpfuU05GmGo&google_cver=1
Request Chain 216
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

311 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ultrasurfing.com/
10 KB
4 KB
Document
General
Full URL
http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289c155c83989cc97678fc32d8d0f5abe114fd78cdb6f7d7e0d0af1eff8df7c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7c5d0adcdd3535df-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 May 2023 20:06:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAaSvjLy0w1HwpXHMxuD57JXwoFAn%2BsfB5J5NP12%2F6wkd3Q2sczkBruwPghJhmNhrJ32nuF133ms6SrY1PQTiVzg1auqlkdyo%2FPRbuFhR1o%2FDZyO9n1GFaB779u8e43PRzEPne97U7r3q1KT37un"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reset.css
ultrasurfing.com/css/
773 B
1 KB
Stylesheet
General
Full URL
http://ultrasurfing.com/css/reset.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2678
Cf-Polished
origSize=1050
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
W/"5f9a61f5-41a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi1DZsOUi2XzIAaDqS50oFQ%2B3VdVhPuGRFAiHwLZLWW9m2zRQEPwAu2rEdOqkWPS%2BZC7785UpC7Pywoc3sy%2BNnRls6PFXajQrscst3bfHyk7Gd3NAl1r%2FX8lxgFx2AEJf570ctd299SWpoomxJOr"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
7c5d0adedffd35df-FRA
style1.css
ultrasurfing.com/css/
11 KB
4 KB
Stylesheet
General
Full URL
http://ultrasurfing.com/css/style1.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5491
Cf-Polished
origSize=19154
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Sat, 08 Apr 2023 04:57:00 GMT
Server
cloudflare
ETag
W/"6430f41c-4ad2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJxTYcN5tw9Q8i56a2cZGWCCeectyCorlRXAqeWe83VOeohOcLHD%2BE26gF0dDdDInWD7AYnv1TdYLTc8RU4CSQXWn05A0ruQfUVpms4D3FF5we4n9u6YKHz6MkJ6Y%2F%2F0SDc5SObWWjum02DLq8k%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
7c5d0adef83e9bb6-FRA
8452fe32_photo0_610.jpg
ultrasurfing.com/images/
37 KB
38 KB
Image
General
Full URL
http://ultrasurfing.com/images/8452fe32_photo0_610.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff74ecf200c9d88696675df10082009529dd040f7c04c10bb0aa4297bc3669f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
9654
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
37921
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 17:24:03 GMT
Server
cloudflare
ETag
"645d24b3-9421"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idgQtCFJwCfqd17%2Bu0uUIp8IeSzFvBCIN68e9DyIU%2FSnnuniuW%2Bc%2BykPnq6Gvqlzf6TSxjzVeTu2vSBG7yNOn%2B9L6VquaAMdlVIv%2BNXr%2F2l4uHgGOKorBpzfhjjxZ3RPW3zFHd%2B90o7uF79ixeT7"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf0a122ba6-FRA
Expires
Fri, 10 May 2024 17:25:33 GMT
69b74cc1_photo0_190.jpg
ultrasurfing.com/images/
8 KB
8 KB
Image
General
Full URL
http://ultrasurfing.com/images/69b74cc1_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f4068707ae8a4ea8d64c8e4e27e1c1047c9f497e98df216d84b39aa5d87ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3843
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7739
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:00:06 GMT
Server
cloudflare
ETag
"645d3b36-1e3b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUd9FxtVPGMp0cObbYhESBJgVyC%2Fjj0XV%2Fwd%2FQLy9u%2BvMP%2BmqJcttVCfB7NAt7yDISohnjnPCE3snfiuzCcGBE%2BRPo5u1r0K1nSBmYGyb0081CrXn3cF7sEp%2BNfDqJ6TaY3xN9MsR2JtgXCbxefr"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf0ccc5bf5-FRA
Expires
Fri, 10 May 2024 19:02:25 GMT
175e38ae_photo0_190.jpg
ultrasurfing.com/images/
6 KB
7 KB
Image
General
Full URL
http://ultrasurfing.com/images/175e38ae_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a93e8b94dce641c2dabc52b9eeeadb52d3bff54a5600b231fa61cac629825b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
43086
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5870
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 08:06:06 GMT
Server
cloudflare
ETag
"645ca1ee-16ee"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojBITLO5TJKBMNrOMEhFUJFp7jjOyCSbkJZiXVxvKc4vNTgcDZq6Qd6m%2FJqNzhCgggIAeFEWyrUYInGJ7sqHQ8JZijuadU%2FUKVDHuTYgwYpAMmOkujVasoYwvK3BoxbhdA%2B38tEtdLFHcvh2kCdS"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf0c4218e0-FRA
Expires
Fri, 10 May 2024 08:08:21 GMT
8452fe32_photo0_190.jpg
ultrasurfing.com/images/
6 KB
6 KB
Image
General
Full URL
http://ultrasurfing.com/images/8452fe32_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbc6426b069330c054993f1c434f91e2bf464ad386236d1b557483d7baa4dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
972
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5803
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:48:01 GMT
Server
cloudflare
ETag
"645d4671-16ab"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO1MMhm89%2Fw%2B6MTfSmb9c6iG4JLmKWp6pd7x2Uqfw8ivuj3qFW4Jy7uyiQ82gUeTuUUL9dye%2FdODbSPiH9%2F3FKRPaiX8Mu7UdAa1998wj6WdtA74Iy67DhOzJPficlOFzjPiKz%2F9COnOkR71adbO"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf082fbb65-FRA
Expires
Fri, 10 May 2024 19:50:14 GMT
4c6cd62b_photo0_190.jpg
ultrasurfing.com/images/
8 KB
8 KB
Image
General
Full URL
http://ultrasurfing.com/images/4c6cd62b_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357d451ba51323303d179a2abecbd9a78cce9a6458d7a604007a180d92ca72e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
8183
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7759
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 17:48:01 GMT
Server
cloudflare
ETag
"645d2a51-1e4f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxdPlBAIxxV1nHW4OZ94RlkB3Iy18kpWb7qe%2F2mD9gQhu%2Bw7tfTabRooMgtHHUJkzBIt%2F8ngUr3ypI%2BspZW93FEq%2Fhkclb%2Bl8IUsSDcy6B5amT5F18Q5pSj0kbd7qNPwkXagu97f2ZuP0HPW98G0"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf183135df-FRA
Expires
Fri, 10 May 2024 17:50:04 GMT
6655f9d7_photo0_190.jpg
ultrasurfing.com/images/
10 KB
11 KB
Image
General
Full URL
http://ultrasurfing.com/images/6655f9d7_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d885e6bc633bdbd8a6c6118e6910f09ef19bd476f9df24c37cfe03140f0806a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
61153
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10233
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 03:06:01 GMT
Server
cloudflare
ETag
"645c5b99-27f9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q4K%2FRiI1ZsdS2HUyvGFe6dLq4B1NZ5BHP8GEs%2B923Zvn%2B7y5rhzYjR3LORIXFR2V0unk9RIiG4SzPrAG8DD7hUceRTkrm%2FeoxvK82QEY5P2d9EKmw7Cya%2Fw6vnR6Gdv0Mj7WV7bYeI7%2F8eOoKWM"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf38819bb6-FRA
Expires
Fri, 10 May 2024 03:07:13 GMT
8f4c260a_photo0_190.jpg
ultrasurfing.com/images/
4 KB
5 KB
Image
General
Full URL
http://ultrasurfing.com/images/8f4c260a_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44d59b6d0e3be9260bffad9b7dc048a60ca8fc93f82e05e49b0a465c45fe579

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3086
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4235
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:12:02 GMT
Server
cloudflare
ETag
"645d3e02-108b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFBq1X4Y%2BBBsYLOaXXWrhE5uCvkHuXE%2BM7HPrLlPoCYHTKRN%2BihtptyvagAsR87bu1km51DCWkgsD7nOjTQolqD51to9YETSQBOMSvHjafJHYUTvnSaoDp4swC1HjwTKz17j20SWgjnLrOqTaQmz"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf388fbb65-FRA
Expires
Fri, 10 May 2024 19:15:01 GMT
503c428_photo0_190.jpg
ultrasurfing.com/images/
4 KB
5 KB
Image
General
Full URL
http://ultrasurfing.com/images/503c428_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd4968084c794b22b923d972baa11298e5a6a7bb2289613bc3e70bb6e6076e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3108
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4391
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:12:03 GMT
Server
cloudflare
ETag
"645d3e03-1127"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62rV7rtucJmdaQVka8rLjUoGu%2FCnojuQQpKIeNWo1tsZTVh3IT4dPKD%2BgKdm4JispLUaoYmkR%2B2YM6cJtEABkXvEMfDbUmCx5eiI599vmdawSVKLtiUl%2BGkcx%2FRp%2FO%2FfbTTtX32BaLydvWtLDlW1"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf3c9a18e0-FRA
Expires
Fri, 10 May 2024 19:14:39 GMT
6c6d3e7_photo0_190.jpg
ultrasurfing.com/images/
6 KB
7 KB
Image
General
Full URL
http://ultrasurfing.com/images/6c6d3e7_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258944663df33934f98aec7ba3b6c76c17698de7225e81de08566f4c25bd5bed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6067
Last-Modified
Thu, 11 May 2023 20:06:04 GMT
Server
cloudflare
ETag
"645d4aac-17b3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIg3jEsHrsVY1RY4xGTb%2FeQfciEqjvxzaqBRhiais9uquw%2FauesfkD2VDI3Fbsu%2F4yIMAj8VZLQECWpj5uOHRIsv60Sytr5T4csbz7MUJ9VWo9BU2fIm2qTOhetOJOaOQ5BNF7FZEwV0ABjlxEUQ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf3a582ba6-FRA
Expires
Fri, 10 May 2024 20:06:26 GMT
rocket-loader.min.js
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 10 May 2023 14:15:08 GMT
Server
cloudflare
ETag
W/"645ba6ec-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr6ihzXoPoYDQUa7i63FFVQGqDsEhs8E2KXKtMGyHal2KMqmJurZwx3ZCcEfyO4F%2FhqZeT6K%2BgytuCo4a4fVYHjimSWaEXfwW0zB0UXbDlIgGt9Zl3xRKw61DpYZ97A8FZaBVtFx23CQFFITVUAy"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
7c5d0adf3d0c5bf5-FRA
Expires
Sat, 13 May 2023 20:06:26 GMT
bg_header.png
ultrasurfing.com/img/
230 B
1 KB
Image
General
Full URL
http://ultrasurfing.com/img/bg_header.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2990167
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
230
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-e6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3Is0vUgeC0PA5HPT6uW5dWp1XYdVUXXtEHcuJ%2FlgxwY3epQUS0K4HUGpz%2FEBV4p9waq0ebBYo0o8Ti1NF7mb%2Fiip9%2Bmm9CZiqRB%2Ft5ptWiKvV0EayOPZ6mcVSiTSn%2FubuOrCPe5xBwTfqkkHE6F"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf487035df-FRA
Expires
Sat, 06 Apr 2024 05:30:23 GMT
logo-new.png
ultrasurfing.com/img/
7 KB
8 KB
Image
General
Full URL
http://ultrasurfing.com/img/logo-new.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
27637325
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7316
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-1c94"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQtRZ2IlULagQZwX3Yoxu1Ur4LJApu9wMYWeoksVc1eC2C7lzHdkYe9pIimHyQp7Cbn4NkrKRPloRBoJRuP%2FhtIv%2FsHE6VPXjvtDT5fRmhGiKvjm5yPYjHhQAdU3AIaVFZJh7AxXfo2xBCH1K0vR"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf58b29bb6-FRA
Expires
Sun, 25 Jun 2023 23:04:21 GMT
bg_nav.png
ultrasurfing.com/img/
175 B
990 B
Image
General
Full URL
http://ultrasurfing.com/img/bg_nav.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1167467
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
175
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-af"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJAbXAOpxxAQBrDzMx%2FdBmXaFYDzunKJ9fSIuLZu4HlgcIRdNTPBqen0NgDB%2F2lNJZPkbcjvmUZmrUOk7dnTqk6rKBcMMf%2BBvUwX7QwNtlIYkhqwVs4xlc4OyCeKqRGwkjT3rw0IBbxj%2BSYm6ocJ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d0adf6d3a5bf5-FRA
Expires
Sat, 27 Apr 2024 07:48:40 GMT
aaw.ultrasurfing.js
increaserev.com/ads/ob/tage/
577 KB
171 KB
Script
General
Full URL
https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984974b85250965fb864f580aee7f46131ea97e843e21b58289513e33685c31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 May 2023 19:07:11 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeRRbgNJH%2B96otsj5wgmBIIZNQNg8qixLLi93tl1Ko8gdWo7Nywn1Y2qUoeV73Mgii96ndUILpYHaY%2B%2FXmRqLZ3Dmh8SC2zW%2F1yXMkT0nLHvDODGzM3vx1SeeSrJ%2BjhmheFlV%2F3LvMCkhNMrMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
7c5d0adfd9ae3a9a-FRA
access-control-allow-headers
origin, x-requested-with, content-type
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65fc91eadb9be0343a7020106d1e23024879e75315b0644074dfbe042c1e8c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80137
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 20:06:26 GMT
loader.js
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/
399 KB
47 KB
Script
General
Full URL
http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a7e5214c17066ad2278d15b001d21f2343958a2792f20dd882d87bcec0404ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hXeeEEgi0x.A0gvPV98e6VW9m.robHmj
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 11 May 2023 20:06:26 GMT
x-amz-request-id
1AHQVXQ9Z2MHANRW
Age
15
x-amz-server-side-encryption
AES256
X-Cache
HIT
x-amz-replication-status
FAILED
Connection
keep-alive
Content-Length
46912
x-amz-id-2
LsxOsHddHI2k9LSNmrkz0+SsVuHQ7GVQR4GNq7rnkN4eV4L4kRg7Tg8/f1ZjqcZrizFviR1Q//8=
X-Served-By
cache-fra-eddf8230078-FRA
Last-Modified
Thu, 11 May 2023 09:17:47 GMT
Server
AmazonS3
X-Timer
S1683835587.799649,VS0,VE1
ETag
"26630f21b018a4b6bcd91a6d5a45e592"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
abp
76
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
X-Cache-Hits
1
gtm.js
www.googletagmanager.com/
213 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
843af39f2008fbd63a73e2364898c75c54eefee8c8eb93564723e11d97fcd960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70274
x-xss-protection
0
last-modified
Thu, 11 May 2023 18:30:06 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 20:06:26 GMT
/
cat.hbwrapper.com/
15 B
260 B
XHR
General
Full URL
https://cat.hbwrapper.com/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://ultrasurfing.com
Date
Thu, 11 May 2023 20:06:27 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/
318 B
455 B
XHR
General
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6b3655ff5418c1dfa568904153ce875a2c1d8b6f959a29b4d738826bbc8df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7c5d0ae1ebbf9b67-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c5c716977a23a64d10096062ed3bcd6799b560ee2ee2585b9ae262d3ac4b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25272
x-xss-protection
0
server
cafe
etag
398 / 19488 / m202305080101 / config-hash: 8653395816841731476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:06:26 GMT
apstag.js
c.amazon-adsystem.com/aax2/
230 KB
57 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:36:51 GMT
content-encoding
gzip
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1776
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
OAiUlB1JE45CmW0FR0EXLuW9m7c6-uCnCsuCJMD1Q9axL6hzh5kGlg==
collect
region1.analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je35a0&_p=1562403468&_gaz=1&cid=1070517397.1683835587&ul=en-us&sr=1600x1200&_s=1&sid=1683835586&sct=1&seg=0&dl=http%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=1070517397.1683835587&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
183 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
838babfddb01c2452c6c6f38ff9314a3b35a38907fac9274341c936a5df9a363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62581
x-xss-protection
0
last-modified
Thu, 11 May 2023 19:49:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 20:06:26 GMT
apstag.js
c.amazon-adsystem.com/aax2/
Redirect Chain
  • http://c.amazon-adsystem.com/aax2/apstag.js
  • https://c.amazon-adsystem.com/aax2/apstag.js
230 KB
57 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:36:51 GMT
content-encoding
gzip
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1776
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
JPTj4Tfw9fNK-1su9ytEDCO64LSa9QeVtSHy5cgtvvS4qUqJy5yi8g==

Redirect headers

Date
Thu, 11 May 2023 20:06:26 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://c.amazon-adsystem.com/aax2/apstag.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
EAXGbp-9f0_FXxOJCA__RXDB2teg0_abCjdgHnqcBrPloT840tYEcg==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
041fae49bdc332d692b89d7d8c708dfb28f175d10cddaf1959c1bb46ddd4d3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 May 2023 20:06:27 GMT
x-content-type-options
nosniff
content-encoding
br
age
14739
x-jsd-version
1.0.1695
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
835
x-served-by
cache-fra-eddf8230103-FRA, cache-gig2250079-GIG
x-jsd-version-type
version
etag
W/"633-FCRqVFGddBEX9jwRoP08YMQ1Zs4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=1070517397.1683835587&gtm=45je35a0&aip=1&z=1686614028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20230509-15-RELEASE.js
cdn.taboola.com/libtrc/
764 KB
159 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9c26422444f4909d9a1dea66c068c2fc828c865ce62ec917fa55e142b6fef8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
phACf4zEVgWuU4uHX7YPPmtz1ozYPcss
content-encoding
br
via
1.1 varnish
date
Thu, 11 May 2023 20:06:26 GMT
x-amz-request-id
6EA1A7PNAPBBX0SX
age
989
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162589
x-amz-id-2
6bzTkINWSsU3zrq5twc4wtxJe5tHQrV0PuLnqaGzcd5dJ/hpU9Fl8EnxtVpoNT+0K+3lH3dp6L4=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 09 May 2023 11:43:17 GMT
server
AmazonS3-br
x-timer
S1683835587.927755,VS0,VE0
etag
"efe10832919698d8fd2976348813687c"
vary
Accept-Encoding
content-type
application/javascript
abp
53
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1017
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 06:33:55 GMT
content-encoding
gzip
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
50553
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
085SlcRwWgx_Dkvp6-hayi0myjYHlfG3j9JUdyoAW_LzOaS0I1a3Dg==
f
fid.agkn.com/
0
0

unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://ultrasurfing.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 May 2023 20:06:27 GMT
gcid_s.min.js
p.gcprivacy.com/t/
9 KB
10 KB
Script
General
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
jt4ZnrYXxK0Tc9o56lUGTSds0r80tPTc
date
Thu, 11 May 2023 01:50:33 GMT
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 13:48:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
65755
x-amz-server-side-encryption
AES256
etag
"dac6676675972d00f4ec994de0578005"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9500
x-amz-cf-id
4135l5IP7kDtb4cZUAmqjhUibZB7elijADbr3QP4To-4BMfFUn8_hg==
prebid
ib.adnxs.com/openrtb2/
49 KB
13 KB
XHR
General
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
12d8a059dc9d896ba6fb8634510c6afe07672ee616117bb140a5b515a5f16754
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:06:27 GMT
Content-Encoding
gzip
x-openrtb-version
2.4
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0850bcc4-9421-426d-b2a5-0495fe1a7694
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
276 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
hbjson
grid.bidswitch.net/
23 B
239 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.41.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-41-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb58c9d1308d5c5795f6ce237d4371aa1cb54474899db5ccdff8e67a5d9e5749

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
48
content-type
application/json
prebid-request
onetag-sys.com/
15 B
363 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/
33 KB
11 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e249bc435accebad73bbcd86c6b577e9b25cf24c6e8497347f6c4017c3e0ef09
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:06:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7483f086-0e43-4a3d-8779-bae02cd7059e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
567 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=930331
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80f3e37043f17036c82b69b31bff8b8342ce4c998a24c06ddbe4a6ee3d1325f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KM%2FxtppF9YjjzrcUaXLwRriFMShMUjQfG5EQ9ey1RPScIW5wHS3APCCyd%2B8d53ZJT0H%2FkPqCgUgr6YwA21evquLngJlWcrbO%2FaRY43LTl9EkCQCJDz8UIGfmxoOVjApo019v7aXU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c5d0ae2c975364b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/
0
225 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.45.0&p=%5B%7B%22placement_id%22%3A%22e1919e8e-fd4d-40af-ba5a-615d0f01470a%22%2C%22callback_id%22%3A%22776e77b5caae563%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%2276c9d1d9-4a4e-4f04-a942-42c9980bbb4a%22%2C%22auctionId%22%3A%22fe2765a8-38bc-4a66-9d31-514955a28fcd%22%7D%2C%7B%22placement_id%22%3A%22b9fe13db-3b5d-4a1a-9b17-2bda919492ef%22%2C%22callback_id%22%3A%22789c4d322e1ee77%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%22212559e2-72e5-4d85-ae90-1374599a8a5d%22%2C%22auctionId%22%3A%22fe2765a8-38bc-4a66-9d31-514955a28fcd%22%7D%2C%7B%22placement_id%22%3A%222ec862b0-bd27-4402-af8c-77ca60269b1f%22%2C%22callback_id%22%3A%227937b3b78b1292a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%2252b70bc7-12da-4047-b94d-98798dec9515%22%2C%22auctionId%22%3A%22fe2765a8-38bc-4a66-9d31-514955a28fcd%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F&bust=1683835586938&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=6a914654-6fed-416d-a36f-88694a31f015&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226a914654-6fed-416d-a36f-88694a31f015%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.18.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-18-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidjs
rtb.openx.net/openrtbb/
53 B
258 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
01e6af74c919664d7ebb23765ff42321e13cd1749ef6ca6a3a15728fb286b924

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
ap.lijit.com/rtb/
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.45.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
70f2f0557e3584feee01e1ca1eefe848cfd2250c8b3184111a5e654bf0e76395

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:06:27 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8889c32eb6f6d47a9b804fc4adc31cef08da9c28cdf428d2dd13cad96bbce960

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 11 May 2023 20:06:27 GMT
hb
rt.marphezis.com/
0
172 B
XHR
General
Full URL
https://rt.marphezis.com/hb
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:26 GMT
access-control-allow-credentials
true
vary
Origin
auction
tlx.3lift.com/header/
19 B
555 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.45.0&referrer=http%3A%2F%2Fultrasurfing.com%2F&tmax=2000
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.92.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-92-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
431 B
764 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=6a914654-6fed-416d-a36f-88694a31f015%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.45.0&x_source.tid=76c9d1d9-4a4e-4f04-a942-42c9980bbb4a&l_pb_bid_id=1048107b321e10c3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=76c9d1d9-4a4e-4f04-a942-42c9980bbb4a&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.9524796757782872
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1b6e6ce2d7697506fd2219e550944df31e895c0ece0f8e26c85825a7652a6af7

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
431
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
429 B
988 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=6a914654-6fed-416d-a36f-88694a31f015%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.45.0&x_source.tid=212559e2-72e5-4d85-ae90-1374599a8a5d&l_pb_bid_id=105a02334f4020ac&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=212559e2-72e5-4d85-ae90-1374599a8a5d&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.7016534529971832
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8568ccdb463375872de9737e7beb39bea2f9e503792ee2d09cf16341f6714c39

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
429
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
427 B
759 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=6a914654-6fed-416d-a36f-88694a31f015%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.45.0&x_source.tid=52b70bc7-12da-4047-b94d-98798dec9515&l_pb_bid_id=106934ea964d47c1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=52b70bc7-12da-4047-b94d-98798dec9515&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.1547902114294717
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
96b5270278ef9513bbc906f078131869ef57824522c1e6f5304ab5a848d10e2e

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
427
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/
6 KB
2 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b2882735b2cecedd75957446c8d05c24714ca0d592afab71b82a0739723ad76f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:06:26 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1368
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 18 May 2023 20:06:27 GMT
adapex.js
c.neodatagroup.com/
30 KB
10 KB
Script
General
Full URL
http://c.neodatagroup.com/adapex.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF6) /
Resource Hash
c645b2297568c10fd6b2a345d2cda9abd7e1266845d2778be66216342cefabc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 11 May 2023 20:06:27 GMT
Content-Encoding
gzip
Content-MD5
coEWV/XgLvSVadUuYlWzxg==
Age
3004
X-Cache
HIT
Content-Length
9988
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 04 May 2023 08:48:50 GMT
Server
ECAcc (frc/4CF6)
Etag
"0x8DB4C7C61DE5253+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
x-ms-request-id
876cd692-c01e-0020-0e3d-84d4c0000000
Cache-Control
max-age=7200
x-ms-version
2014-02-14
Expires
Thu, 11 May 2023 22:06:27 GMT
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683835586998&ns_c=UTF-8&c3=1&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Rcc08xLJXNNf0V9M4ylGJVVABM0Gb1FnV-sMa0eSLH_KeJIspIe8aw==
x-cache
Miss from cloudfront
config
c.amazon-adsystem.com/cdn/prod/
2 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:55:23 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
664
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2326
x-amz-cf-id
ql2X9LOXNR24dMYr0JN-JW2rDwhcaCMB2Z-dXi2lnp62vFicrsv-bQ==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=9V27J8i5fsJkU&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22e1919e8e-fd4d-40af-ba5a-615d0f01470a%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%22b9fe13db-3b5d-4a1a-9b17-2bda919492ef%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%222ec862b0-bd27-4402-af8c-77ca60269b1f%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
GVNE816ZJDHJTK3KQJFP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
hNQLPzRqY2ilELcKFA4CRJT-tumoZhUsHVUGpx__N2tqugiWVCMOmA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
0
0

pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 19:40:17 GMT
Server
Apache
ETag
"d734-5f2f3919e751f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17407
Expires
Thu, 11 May 2023 20:21:27 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 22:42:19 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:13:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
77049
etag
W/"dc01f342ec44b3f8f5767d7b93fe1ac8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Q_-nisq4CTr0ipaEiMc8UjHNeWTP4zDP3VDcLFKdGoGkeqZin6jeqg==
hadron.js
cdn.hadronid.net/
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
1260
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7c5d0ae37d6d3a98-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
E6MT7PBY6EQKW5AR
age
1663
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c5d0ae37d635c32-FRA
x-amz-id-2
u1WrkdVVFEoTU6YrngHfFr6RftQN5a9M9DWspimxQwoXV19NUExvqPZUarqq+rvOUt0FQM2HyI0=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
450 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.176.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-176-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:06:27 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.176.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-176-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 11 May 2023 20:06:27 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
p2.gcprivacy.com/v2/
155 B
524 B
XHR
General
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=6a914654-6fed-416d-a36f-88694a31f015&u=http%3A%2F%2Fultrasurfing.com%2F&h=ultrasurfing.com&ref=
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.180.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-180-138.compute-1.amazonaws.com
Software
/
Resource Hash
e4f806631f67f474767c52a993840d15d98db05ada4d98fa5ac55ef6ad451e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
155
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/
403 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 08:04:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
43317
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127538
x-xss-protection
0
server
cafe
etag
14255841817258122496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 May 2024 08:04:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
3 KB
662 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8c7af98a343460cc0320f4f5a5bf266e86619b2cdd23d787dab758269439daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
637
x-xss-protection
0
expires
Thu, 11 May 2023 20:06:27 GMT
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Protocol
H2
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
295613
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control
no-cache
content-length
0
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/
83 KB
22 KB
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=20%3A06%3A27.094&lti=deflated&data=%7B%22id%22%3A18%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1683796663655%2C%22vi%22%3A1683835587092%2C%22cv%22%3A%2220230509-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1485%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A105%2C%22mw%22%3A950%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1386.90625%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A120%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32bab33a9f0d77e9b2bb53e8cc82d542563e157cd1a12a25fd81626fd1989059

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
425
date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-etou8220034-FRA
server
nginx
x-timer
S1683835587.121148,VS0,VE425
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
247 B
XHR
General
Full URL
https://trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
  • https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
160 B
635 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Protocol
H2
Server
2600:9000:223c:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:27:41 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2326
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
TimKDYcEIAcOxQo1fTmoByssHqKAESBZNgODCTN7rrVgGvn-kBqcWw==

Redirect headers

Date
Thu, 11 May 2023 20:06:27 GMT
Via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
iQyb4Srw52MZdSNHS4R0g5bHaIZtazFIozFN45CM-ylTRLiolCkTnA==
ps-topics.html
c.neodatagroup.com/ Frame B83E
2 KB
1 KB
Document
General
Full URL
https://c.neodatagroup.com/ps-topics.html?sid=2033
Requested by
Host: c.neodatagroup.com
URL: http://c.neodatagroup.com/adapex.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
3857634543824c46b5f1f435e9375e75e0ad96b16d9bf4525e54f0f14bfb25e8

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4572
cache-control
max-age=7200
content-encoding
gzip
content-length
918
content-md5
8KzndH43fcLeRwVWvG3dqA==
content-type
text/html
date
Thu, 11 May 2023 20:06:27 GMT
etag
"0x8DB47F72DB48BAD+gzip"
expires
Thu, 11 May 2023 22:06:27 GMT
last-modified
Fri, 28 Apr 2023 14:45:15 GMT
server
ECAcc (frc/4CB9)
vary
Accept-Encoding
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
b1b2bfed-601e-0074-1539-849b97000000
x-ms-version
2014-02-14
map
bcp.crwdcntrl.net/6/
60 B
334 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.89.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-89-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4dd52405cc2ef91346268023c4b7cc5b6751783649fb73e164282ecd595a88ef

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.5.127
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/
101 B
291 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3b8b373035174d6b983146e654d9a55a5607568032335bf109eb0db2344c71

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7c5d0ae51f983666-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7c5d0ae45e173666-FRA
content-length
0
content-type
application/json
date
Thu, 11 May 2023 20:06:27 GMT
debug
OPTIONS block
expires
Fri, 10 May 2024 20:06:27 GMT
server
cloudflare
v1
lb.eu-1-id5-sync.com/lb/
33 B
402 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0c6e52091ad8d52e336822918cddcc9f730e0a17ad3946c881267af32d4a6039
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel;r=2135561812;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-1435782620-1683835587102;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2135561812;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-1435782620-1683835587102;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=0;et=1683835587264;tzo=0;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F1e2a5b5_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=0a1b3941-d017-481c-a00d-b3afa8eebcda;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
579.json
id5-sync.com/g/v2/
241 B
650 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
4611246a572821ab980883dacc15ce406a00045fbc2e150bb93bad191f0f788e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
hourlystat
tempnextstat.bcovery.com/
1 B
83 B
XHR
General
Full URL
https://tempnextstat.bcovery.com/hourlystat
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
hourlystat
tempnextstat.bcovery.com/ Frame
0
0
Preflight
General
Full URL
https://tempnextstat.bcovery.com/hourlystat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 May 2023 20:06:27 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 11 May 2023 20:06:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
354833
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
49 B
250 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.45.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/
2 B
373 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
304338
expires
0
pbhid
id.hadron.ad.gt/api/v1/
141 B
183 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7c5d0ae5b8493666-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/
135 B
544 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

any
idx.liadm.com/idex/prebid/
121 B
473 B
XHR
General
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.127.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-127-242.compute-1.amazonaws.com
Software
/
Resource Hash
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
trace-id
5d0cf52f9f771136
content-length
121
id
id.crwdcntrl.net/
43 B
316 B
XHR
General
Full URL
https://id.crwdcntrl.net/id?c=17228
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.89.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-89-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.30.79
access-control-allow-credentials
true
content-length
43
expires
0
fpc
at.teads.tv/
0
338 B
XHR
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:27 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:06:27 GMT
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
158 KB
33 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1290437441629794&correlator=1737282605157322&eid=31074303%2C31074470&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=1572973691%2C3341927898%2C3165786696&didk=2583380073~1402716240~1252809663&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D120x600%26hb_pb%3D0.25%26hb_adid%3D120f02f2af428fa1%26hb_bidder%3Dappnexus%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.08%26hb_adid%3D121ba0509f49fea9%26hb_bidder%3Dappnexus%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_adomain%3Dgeneralsearch.net%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_size%3D300x600%26hb_pb%3D0.64%26hb_adid%3D119d58ffcc7cce38%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D800%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26fabrickIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26waae%3D600%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=0&cookie_enabled=1&abxe=1&dt=1683835587491&lmt=1683835587&dlt=1683835586373&idt=774&adxs=325%2C436%2C975&adys=120%2C1421%2C120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x1420%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=1070517397.1683835587&ga_sid=1683835587&ga_hid=1562403468&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acdd89e8d5b8c944579b98ff71f14671fbcb01786d1308b884c542865b1950d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
google-lineitem-id
5182049916,-1,5182050189
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138366628389,-1,138366628389
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43339c60e19f2fce2ba2c5bd81941be5cca2b57854d2c408884ee854b9730910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11396
x-xss-protection
0
container.html
4a904a185e45baeb853260f4918ec5d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F12
6 KB
3 KB
Document
General
Full URL
https://4a904a185e45baeb853260f4918ec5d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:06:27 GMT
expires
Fri, 10 May 2024 20:06:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
405
a.ad.gt/api/v1/u/matches/
11 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae2943fdef7508730ae58037aeb9e3c1cec75bfdaccd3e448d3f9edbe9a91611

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 20:03:18 GMT
server
cloudflare
age
189
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7c5d0ae65d355c1a-FRA
v1
lb.eu-1-id5-sync.com/lb/
33 B
402 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
19e44db8e9ee42dbd948e9883b87cb4e4442ec6e6944a48c358a4d0b837afb1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
579.json
id5-sync.com/g/v2/
241 B
650 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a029e04f75118e10cd8a3a407f8effcbee2a9029837cd02f01df2ab6eb788582
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:06:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
floating-unit.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d58b29ffaca204de2d5e1e4e12ebe5dcb7d85ba97268e86470798d2da291481

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
aux8avJAleVGlF4LzHJ7fmFFAWMcXDt4
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
SN60813X3X10PSQ8
age
39115
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
gSA8BxFYLweVlG5S+aYvr3LvW+mATK9ywcatY9Z++nQmyoRvve1kT1vA3YhqnG5Is9mxM9/xmHE=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:33 GMT
server
AmazonS3
x-timer
S1683835588.582365,VS0,VE0
etag
"269781bea754f87ed30cebdc501a0537"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
8
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1657
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.1/
111 KB
31 KB
Script
General
Full URL
http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:27 GMT
Via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
212377
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront, HIT
Connection
keep-alive
Content-Length
31023
X-Served-By
cache-fra-eddf8230033-FRA
Last-Modified
Tue, 09 May 2023 09:06:26 GMT
Server
AmazonS3
X-Timer
S1683835588.606342,VS0,VE0
ETag
"f42b894e197d2128ee7d3b438e0ac56d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
X-Cache-Hits
21669
feed-card-placeholder.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0a8ab249355bdff84d2b0e7643c3d39ed25327d8bad19d6e28b8b28754c5f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
4zQej01Ka84LUuaeGJVkkHQFiggVK9Ab
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
BSSMH81ZZDFDKC7V
age
39120
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
PMsic7NC0buC/5UYK2uejjXPLz313uY4VeYBPyS/Urf4naGAzqBDy7M22Ak3hxhKmNbmYZSIBBY=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:28 GMT
server
AmazonS3
x-timer
S1683835588.585286,VS0,VE0
etag
"5ef5c601633c0178274a6ad7fc9096ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
30198
cta-component.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
19 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a573d67271700ec3fb1825170fdba883d0caf2a32f5c4aabccc12ea37dcc08e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
uPJMICq83fwOnp4BNeclsZ_xWU0YryPY
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
0VH730CWR7T3KW1J
age
39126
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4739
x-amz-id-2
QfFuRGJ9cPOXq3gDwYQv9QIKwBShC3oSTGH9hAUfoM7eumixBTi8bdnlMbqhp2tbhg+RiAZ5LVI=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:21 GMT
server
AmazonS3
x-timer
S1683835588.608790,VS0,VE0
etag
"6a8c529020b41a08ada3f5d5705a61e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
31807
userx.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67b8c17b3c24a3061095d1478d3719f933c99faec550958e80db1b59c8318e13

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
BgPUWl.hH8pvbzAIC9zryCQtBe3vh3EA
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
SBJ6E6WYKF4JP71G
age
39092
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
2tP4RtnW6GIpBFpsT5EZvziKMfwSe0izG7qDLATZKdmRPn40xZ2nXryCSjWkOCmMx/dRUZEbv24=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:56 GMT
server
AmazonS3
x-timer
S1683835588.613055,VS0,VE0
etag
"4eb43a9bb8806de58a74bb8f9fdd68a1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
74
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9383
distance-from-article.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6e2e3a5ebde222062f455c1adc8c3a18f93746015048fb9cca6fb69f58fee98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
C.YqZrU3ZRhJGon2bFlxAB2iU.0sEf8E
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
7K765GQHPNSDJKEN
age
39125
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1136
x-amz-id-2
wmmbSVb/zMY4H0bizW177K49Ba85/yD7yxcQgccQIil2v/poD004ZXZaB0ldOwlT2Du9FGg09xY=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:23 GMT
server
AmazonS3
x-timer
S1683835588.614024,VS0,VE0
etag
"cce3ec2824d8f1b5b1d536c18680c657"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
32531
article-detection.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b532d2ce382b585afd8dcb5ebee9658b00bdf5a666198ce2f6ec2dbc1d4da73c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yrBKKJfiEFF01zLzGxcZHOE6_YXoRdWB
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
4EBJW5SX18TDV0WX
age
39132
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1237
x-amz-id-2
zPz/c4+1QGRLJOyYgCrRH7u6r7gY1F78QadgUXoMreonT2c67/xGoPoYOOOLtXKxuH3qDHozYJ8=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:16 GMT
server
AmazonS3
x-timer
S1683835588.614776,VS0,VE0
etag
"9f0896b6a05a05b3593adc36d2fd2e64"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
47181
share-buttons-detection.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
1 KB
973 B
Script
General
Full URL
https://cdn.taboola.com/libtrc/share-buttons-detection.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
543969c810bc5a87f0701133e8a03ba5daf57e2a0b705283ed66e3485ab86d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
TzBKIcAteV7LXpJFBRiTbiJlpF3kvCGL
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
8S2M15G57P10YC7P
age
39106
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
680
x-amz-id-2
mGpXMk/e7tahHh78pxivGIDWFs0XXqrakxCEczQnLE9dMDQ4Ioopj6VDWxlQEdti8Ogpet6Be1c=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:41 GMT
server
AmazonS3
x-timer
S1683835588.614795,VS0,VE0
etag
"1f1dbc57ae7fe8efdb550e730753105c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
47548
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
3 KB
Image
General
Full URL
http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
TVRHNHYBPQ9HMG0X
Age
53
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1758
x-amz-id-2
uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
X-Served-By
cache-fra-eddf8230078-FRA
Last-Modified
Wed, 07 Feb 2018 11:15:52 GMT
Server
AmazonS3
X-Timer
S1683835588.602266,VS0,VE0
ETag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
abp
27
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Cache-Hits
83
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1683835587600%7D&tim=20%3A06%3A27.600&id=6409&llvl=2&ri=ebdd56dfd4f90ef027a7a946a3749969&sd=v2_fd26d40562cb9133c2d10c614d5c925d_095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043_1683835587_1683835587_CIi3jgYQ8-NDGJSUsOOAMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043&pi=/&wi=-1709852854480885386&pt=home&vi=1683835587092&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=20%3A06%3A27.561&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=4292&cv=20230509-15-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27200
supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ebdd56dfd4f90ef027a7a946a3749969&sd=v2_fd26d40562cb9133c2d10c614d5c925d_095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043_1683835587_1683835587_CIi3jgYQ8-NDGJSUsOOAMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043&pi=/&wi=-1709852854480885386&pt=home&vi=1683835587092&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=20%3A06%3A27.570&id=8561&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ebdd56dfd4f90ef027a7a946a3749969&sd=v2_fd26d40562cb9133c2d10c614d5c925d_095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043_1683835587_1683835587_CIi3jgYQ8-NDGJSUsOOAMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043&pi=/&wi=-1709852854480885386&pt=home&vi=1683835587092&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1683835587579%7D&tim=20%3A06%3A27.579&id=451&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=20%3A06%3A27.595&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=1159&cv=20230509-15-RELEASE&lt=deflated&idx=pc&pc=split-1&st=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27200
B29577490.362891367;dc_pre=CNrNwbCI7v4CFXLkuwgdouELDA;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CNrNwbCI7v4CFXLkuwgdouELDA;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...
42 B
220 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CNrNwbCI7v4CFXLkuwgdouELDA;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Protocol
H2
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CNrNwbCI7v4CFXLkuwgdouELDA;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/
33 KB
9 KB
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=20%3A06%3A27.618&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A625%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_fd26d40562cb9133c2d10c614d5c925d_095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043_1683835587_1683835587_CIi3jgYQ8-NDGJSUsOOAMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABo_5unsoL-6_KlAXAA%22%2C%22ui%22%3A%22095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043%22%2C%22uifp%22%3A%22095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043%22%2C%22lbt%22%3A1683796663655%2C%22vi%22%3A1683835587092%2C%22cv%22%3A%2220230509-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3213%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1174.125%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c65e345a7ea8e8d6433e67c8efd69ec6cb4d3a8d455ed5afb5d95153e0e60446

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
655
date
Thu, 11 May 2023 20:06:28 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-etou8220034-FRA
server
nginx
x-timer
S1683835588.628337,VS0,VE655
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
246 B
XHR
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
985137888__hi4xzDAU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d12e123952767a0af22e97aed0faf979e1d83f9a46eb76f9399ea480f50ded1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
age
3503003
edge-cache-tag
294627647531404584068419212342316804301,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
294627647531404584068419212342316804301,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
546
req-referer
https://krishijagran.com/agripedia/hydroponics-vs-aquaponics-vs-aeroponics-which-is-profitable/
content-length
5054
x-request-id
32d9e92e9e89b0e1985db6e0c2c74433
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000055-IAD, cache-iad-kiad7000080-IAD, cache-lax10633-LGB, cache-iad-kjyo7100046-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 28 Mar 2023 22:41:02 GMT
server
nginx
x-timer
S1683835588.635845,VS0,VE1
etag
"5dd007b0ae5a1b25992abb735df4d252"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 74, 69
42d2e4314f1df04b31a07e2661c16684.png
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f92c342fb7abf81a360832f55d3df80b35b51ee667b7337f2ef9ef519175cf91

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
age
1272189
edge-cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
411
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ktiv.com/2023/01/24/police-shooting-that-killed-2-youth-program-was-targeted/
content-length
12560
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000154-IAD, cache-iad-kiad7000105-IAD, cache-lax10670-LGB, cache-iad-kjyo7100098-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 15:13:17 GMT
server
nginx
x-timer
S1683835588.635666,VS0,VE0
etag
"71b33907647c9b56aacafac2de9f0d46"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40, 2
2bbf2d4653398ce5d1baeaa0c071ad19.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
19 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d50307df742b363a2828b00e4ad0b51db700a817a5859d18b40ebea9ebb4363

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
age
932848
edge-cache-tag
402128883352376495707181058827973994527,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
402128883352376495707181058827973994527,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
366
req-referer
https://www.express.de/
content-length
19000
x-request-id
907789308453880a00f6742b29ab5bfb
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100035-IAD, cache-iad-kcgs7200074-IAD, cache-lax10650-LGB, cache-iad-kjyo7100140-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 26 Apr 2023 16:51:51 GMT
server
nginx
x-timer
S1683835588.635288,VS0,VE2
etag
"1824b7a65c9d0c3785f20e4a229c286d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 61, 1
f871c69637e7a0d4c4c868bb59e8caee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
274f572aaf1453d313af892b1af4ce76b413ca833b6c3ec062923eb6e82db61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
age
2322815
edge-cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
13176
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100144-IAD, cache-iad-kiad7000066-IAD, cache-chi-kigq8000037-CHI, cache-iad-kiad7000139-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 14:37:49 GMT
server
nginx
x-timer
S1683835588.637353,VS0,VE1
etag
"5e2ca84a187ab116becf7ad083656d9f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 3, 815
4c06b2be5b7a071c423721f3654c7b23.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56953a5130eb470c069a867bd1851c0028aa5e15e14719bb58a7454ce9c4532a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
age
936161
edge-cache-tag
333684090993286322378305254364851763090,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
333684090993286322378305254364851763090,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
130
req-referer
https://www.tennisnet.com/
content-length
32118
x-request-id
fa93b26e6a9be8490b869a887abfd146
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000146-IAD, cache-iad-kiad7000103-IAD, cache-lax10659-LGB, cache-iad-kcgs7200130-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 26 Apr 2023 16:52:01 GMT
server
nginx
x-timer
S1683835588.640338,VS0,VE2
etag
"bf641fced91125ba3524a2544bfd6139"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 24, 1
ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22f0a1deaad55d20892f403df7572309e177e5a65eaad2fca1e811f3876d51b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age
2604532
edge-cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/fussball/champions-league/2023/04/ex-city-star-rosler-vor-bayern-knaller-mein-herz-schlagt-naturlich-fur-city
content-length
20332
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000093-IAD, cache-lax10643-LGB, cache-iad-kiad7000109-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 14 Mar 2023 08:24:24 GMT
server
nginx
x-timer
S1683835588.673996,VS0,VE0
etag
"9ccaa3b58f3f333af0244c3fedecaa3b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 116
f0341e10a1b4bd129a0093430be788bf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0341e10a1b4bd129a0093430be788bf.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
449af71a6dc969c041208f40c584f681e7c0a97735928075243e9ccd57720d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0341e10a1b4bd129a0093430be788bf.jpg
age
306363
edge-cache-tag
484150984556381116162767338395778696820,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
484150984556381116162767338395778696820,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
271
req-referer
https://www.t-online.de/
content-length
8172
x-request-id
44387e4aeaf29c6b60c5b481640f8d66
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100149-IAD, cache-iad-kcgs7200104-IAD, cache-chi-kigq8000023-CHI, cache-iad-kiad7000156-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 07 May 2023 18:00:05 GMT
server
nginx
x-timer
S1683835588.675003,VS0,VE3
etag
"f4485d76adc8ef7ebdafc9daca77ea2b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
e263f44cef340668db586471b70661d4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3541648f363655512d227b22cb0b26cbb9e2601d40cafeb9e76aa117be0625ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
age
3837109
edge-cache-tag
364560876160549481589467145760867241195,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
364560876160549481589467145760867241195,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
136
expiration
expiry-date="Sat, 01 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://smallbusiness.chron.com/
content-length
12154
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100164-IAD, cache-lga21967-LGA, cache-iad-kjyo7100122-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 01 Mar 2023 07:05:45 GMT
server
nginx
x-timer
S1683835588.675991,VS0,VE1
etag
"0a6c7debb7fc705c5ba0950ca1a62058"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 38, 43
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
36 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d8b7b425ee0ae631ee29ded57fd61336197096d9bba829a993fd20a7bdf9f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
3762125
edge-cache-tag
614864820090109347195755692061116706336,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
264
expiration
expiry-date="Tue, 11 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.italiaatavola.net/
content-length
36750
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100142-IAD, cache-iad-kjyo7100100-IAD, cache-chi-kigq8000033-CHI, cache-iad-kiad7000138-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 11 Mar 2023 07:37:12 GMT
server
nginx
x-timer
S1683835588.676823,VS0,VE0
etag
"d30ff3fe1038d69abc90136b4c2d1fb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 186, 121
9b530b5328337287aa589ea99bc476a9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b530b5328337287aa589ea99bc476a9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f41f25d5afc75f427b83012202454df6929af6614233391464977d3c45dfbc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b530b5328337287aa589ea99bc476a9.png
age
3244793
edge-cache-tag
392649510300123882777020332852293408702,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
392649510300123882777020332852293408702,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
209
expiration
expiry-date="Thu, 20 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://newstral.com/
content-length
32482
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kcgs7200130-IAD, cache-lax10626-LGB, cache-iad-kjyo7100035-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 20 Mar 2023 08:50:02 GMT
server
nginx
x-timer
S1683835588.677563,VS0,VE2
etag
"08b74f576ad264d2e42f595e44998cc1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 62, 1
knt95pypdqutanj75nl6.mp4
cdn.taboola.com/libtrc/static/video/v1677508449/
524 KB
525 KB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1677508449/knt95pypdqutanj75nl6.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a0a18910f117e0d70cef28c6b8b19085eebe7604d0ad0bb03f9cfe8c61a155c

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
1S8xjQaKPEHXzmVpq5L9HnIzhuynIjCp
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish
x-amz-request-id
DM032HG2AGQSG8H6
age
20
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-536888/536889
x-amz-replication-status
COMPLETED
Content-Length
536889
x-amz-id-2
F/tEAI4Yg/OzGdjw71aHmauPgIWnuPyQPcAAh1gbdezzRMAJy6adHzubKeovI103U8b0UUBpSG4=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Mon, 27 Feb 2023 14:34:14 GMT
server
AmazonS3
x-timer
S1683835588.681549,VS0,VE32
etag
"1f2c421f86e19fb3e3827dc698e9f438"
content-type
video/mp4;codecs=avc1
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
df3a4ac5ade89f51ecf6bc6df6af4013.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9831b282c3482dac51c808568a1c54d0d135ceacd48e1228cd7559e5b50c1bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
age
3354444
edge-cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
176
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.deccanherald.com/
content-length
11268
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100096-IAD, cache-lax10641-LGB, cache-iad-kiad7000047-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 08:29:01 GMT
server
nginx
x-timer
S1683835588.682612,VS0,VE0
etag
"f364167b0019b2c4592f1c3b282ecf83"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 6, 12
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
39 KB
40 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb551ae3191b43f698484ff839c96f202f65d4971f3c094f10efa8a737481448

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
4879139
edge-cache-tag
356663971345648207517802745915964355189,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
215
req-referer
https://www.yumpu.com/
content-length
40348
x-request-id
5ef5b5a245314f9dbd8b46d8aeaadccb
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000142-IAD, cache-iad-kcgs7200097-IAD, cache-lax10673-LGB, cache-iad-kiad7000095-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 16 Mar 2023 00:30:54 GMT
server
nginx
x-timer
S1683835588.699562,VS0,VE3
etag
"e75be195c7148524d7c7638c88780baa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 1, 271, 1
100c03df2b0c9f2b87eab600bd0a19a0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/100c03df2b0c9f2b87eab600bd0a19a0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fefff4eb67be125e9acda1cb3374802f5980756a95b265c96d5d9dce243af04b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/100c03df2b0c9f2b87eab600bd0a19a0.png
age
2536622
edge-cache-tag
335430466280640400226351122835675618192,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
335430466280640400226351122835675618192,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
112
expiration
expiry-date="Tue, 18 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.huffpost.com/
content-length
24682
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200037-IAD, cache-iad-kcgs7200126-IAD, cache-lga21981-LGA, cache-iad-kcgs7200059-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 18 Mar 2023 13:14:44 GMT
server
nginx
x-timer
S1683835588.703202,VS0,VE2
etag
"4ec89e6380891928919d4929e6cab998"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 12, 1
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 May 2023 20:06:27 GMT
hfblnc0qw9nsh6yxwub1.mp4
cdn.taboola.com/libtrc/static/video/v1683482366/
120 KB
121 KB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1683482366/hfblnc0qw9nsh6yxwub1.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9036e0136b1f27073a8a30cad42b360f28fe95001e5562f4030c915a6c633e51

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
AFiQHFm4NEhojNnfn1lYR2ulBp46YSiA
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish
x-amz-request-id
SZQZ86Z7NXVRKEDG
age
31
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-123257/123258
x-amz-replication-status
PENDING
Content-Length
123258
x-amz-id-2
u55zjqoXaefYKaCLN2rbQQnz0vVG1kZLX3ZvRw7K3pEuyweVJcjUpbkUrJjaC+3CzxoUs0o4l3s=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Sun, 07 May 2023 17:59:30 GMT
server
AmazonS3
x-timer
S1683835588.691095,VS0,VE1
etag
"7448cfa0f8bd3811a8c3d51ac98462bb"
content-type
video/mp4;codecs=avc1
abp
29
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
xndsn1jlnnyz3tviwvgn.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1662536394/
1 MB
1 MB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1662536394/xndsn1jlnnyz3tviwvgn.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cd238860c3b0df4b3380477a8e432ecae018dcbbe87546e76415c277acae3b1

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
rIl3OX.vnM7tU7RIeOxty5e69HOiMyHa
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish
x-amz-request-id
R5W75Z71H1XZQH2X
age
77
x-cache
HIT
Content-Range
bytes 0-1347714/1347715
x-amz-replication-status
COMPLETED
Content-Length
1347715
x-amz-id-2
fEYCO9ukUjF8eLP1vbeD7Y4jH7jfFL60x3ErnS1OH059KageziJ+u0w76XjyZ2Z3MPsY/q3f9To=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Wed, 07 Sep 2022 07:40:16 GMT
server
AmazonS3
x-timer
S1683835588.691385,VS0,VE6
etag
"fd0ceca53435e9433fd9ac9c73830445"
content-type
video/mp4;codecs=avc1
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
next-up-widget.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/
16 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf2d6d1676ee3c177dbcdf3cde63d34682913661e73388cb408f1815a609c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
1sYJKeavTNSD4prusrqYPRnw61zsb1bF
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:27 GMT
x-amz-request-id
BABZHN3N94P2BN27
age
39111
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4624
x-amz-id-2
41SaBlax89+MInGcHrP5fXVRa+GLzvCCLhp+bG7+iR3V2AT4Z1dP9X9qBCufSljzJ+QU4zPqnw0=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 11 May 2023 09:14:36 GMT
server
AmazonS3
x-timer
S1683835588.692955,VS0,VE0
etag
"26165b168c609de3d9a9c178e816e75c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1596
985137888__hi4xzDAU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d12e123952767a0af22e97aed0faf979e1d83f9a46eb76f9399ea480f50ded1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
age
3503003
edge-cache-tag
294627647531404584068419212342316804301,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
294627647531404584068419212342316804301,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
546
req-referer
https://krishijagran.com/agripedia/hydroponics-vs-aquaponics-vs-aeroponics-which-is-profitable/
content-length
5054
x-request-id
32d9e92e9e89b0e1985db6e0c2c74433
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000055-IAD, cache-iad-kiad7000080-IAD, cache-lax10633-LGB, cache-iad-kjyo7100046-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 28 Mar 2023 22:41:02 GMT
server
nginx
x-timer
S1683835588.708883,VS0,VE0
etag
"5dd007b0ae5a1b25992abb735df4d252"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 74, 70
42d2e4314f1df04b31a07e2661c16684.png
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f92c342fb7abf81a360832f55d3df80b35b51ee667b7337f2ef9ef519175cf91

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
age
1272189
edge-cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
411
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ktiv.com/2023/01/24/police-shooting-that-killed-2-youth-program-was-targeted/
content-length
12560
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000154-IAD, cache-iad-kiad7000105-IAD, cache-lax10670-LGB, cache-iad-kjyo7100098-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 15:13:17 GMT
server
nginx
x-timer
S1683835588.710054,VS0,VE0
etag
"71b33907647c9b56aacafac2de9f0d46"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40, 3
2bbf2d4653398ce5d1baeaa0c071ad19.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
19 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d50307df742b363a2828b00e4ad0b51db700a817a5859d18b40ebea9ebb4363

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
age
932848
edge-cache-tag
402128883352376495707181058827973994527,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
402128883352376495707181058827973994527,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
366
req-referer
https://www.express.de/
content-length
19000
x-request-id
907789308453880a00f6742b29ab5bfb
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100035-IAD, cache-iad-kcgs7200074-IAD, cache-lax10650-LGB, cache-iad-kjyo7100140-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 26 Apr 2023 16:51:51 GMT
server
nginx
x-timer
S1683835588.711201,VS0,VE0
etag
"1824b7a65c9d0c3785f20e4a229c286d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 61, 2
f871c69637e7a0d4c4c868bb59e8caee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
274f572aaf1453d313af892b1af4ce76b413ca833b6c3ec062923eb6e82db61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
age
2322815
edge-cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
13176
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100144-IAD, cache-iad-kiad7000066-IAD, cache-chi-kigq8000037-CHI, cache-iad-kiad7000139-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 14:37:49 GMT
server
nginx
x-timer
S1683835588.712693,VS0,VE0
etag
"5e2ca84a187ab116becf7ad083656d9f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 3, 816
4c06b2be5b7a071c423721f3654c7b23.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56953a5130eb470c069a867bd1851c0028aa5e15e14719bb58a7454ce9c4532a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
age
936161
edge-cache-tag
333684090993286322378305254364851763090,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
333684090993286322378305254364851763090,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
130
req-referer
https://www.tennisnet.com/
content-length
32118
x-request-id
fa93b26e6a9be8490b869a887abfd146
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000146-IAD, cache-iad-kiad7000103-IAD, cache-lax10659-LGB, cache-iad-kcgs7200130-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 26 Apr 2023 16:52:01 GMT
server
nginx
x-timer
S1683835588.767088,VS0,VE0
etag
"bf641fced91125ba3524a2544bfd6139"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 24, 2
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ebdd56dfd4f90ef027a7a946a3749969&sd=v2_fd26d40562cb9133c2d10c614d5c925d_095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043_1683835587_1683835587_CIi3jgYQ8-NDGJSUsOOAMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043&pi=/&wi=-1709852854480885386&pt=home&vi=1683835587092&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22296.96875%22%2C%22eventTime%22%3A1683835587733%7D&tim=20%3A06%3A27.733&id=7263&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22f0a1deaad55d20892f403df7572309e177e5a65eaad2fca1e811f3876d51b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age
2604532
edge-cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/fussball/champions-league/2023/04/ex-city-star-rosler-vor-bayern-knaller-mein-herz-schlagt-naturlich-fur-city
content-length
20332
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000093-IAD, cache-lax10643-LGB, cache-iad-kiad7000109-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 14 Mar 2023 08:24:24 GMT
server
nginx
x-timer
S1683835588.792121,VS0,VE0
etag
"9ccaa3b58f3f333af0244c3fedecaa3b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 117
f0341e10a1b4bd129a0093430be788bf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0341e10a1b4bd129a0093430be788bf.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
449af71a6dc969c041208f40c584f681e7c0a97735928075243e9ccd57720d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0341e10a1b4bd129a0093430be788bf.jpg
age
306363
edge-cache-tag
484150984556381116162767338395778696820,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
484150984556381116162767338395778696820,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
271
req-referer
https://www.t-online.de/
content-length
8172
x-request-id
44387e4aeaf29c6b60c5b481640f8d66
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100149-IAD, cache-iad-kcgs7200104-IAD, cache-chi-kigq8000023-CHI, cache-iad-kiad7000156-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 07 May 2023 18:00:05 GMT
server
nginx
x-timer
S1683835588.792963,VS0,VE0
etag
"f4485d76adc8ef7ebdafc9daca77ea2b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
e263f44cef340668db586471b70661d4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3541648f363655512d227b22cb0b26cbb9e2601d40cafeb9e76aa117be0625ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
age
3837110
edge-cache-tag
364560876160549481589467145760867241195,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
364560876160549481589467145760867241195,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
136
expiration
expiry-date="Sat, 01 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://smallbusiness.chron.com/
content-length
12154
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100164-IAD, cache-lga21967-LGA, cache-iad-kjyo7100122-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 01 Mar 2023 07:05:45 GMT
server
nginx
x-timer
S1683835588.793095,VS0,VE0
etag
"0a6c7debb7fc705c5ba0950ca1a62058"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 38, 44
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
36 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d8b7b425ee0ae631ee29ded57fd61336197096d9bba829a993fd20a7bdf9f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
3762126
edge-cache-tag
614864820090109347195755692061116706336,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
264
expiration
expiry-date="Tue, 11 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.italiaatavola.net/
content-length
36750
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100142-IAD, cache-iad-kjyo7100100-IAD, cache-chi-kigq8000033-CHI, cache-iad-kiad7000138-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 11 Mar 2023 07:37:12 GMT
server
nginx
x-timer
S1683835588.793777,VS0,VE0
etag
"d30ff3fe1038d69abc90136b4c2d1fb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 186, 122
df3a4ac5ade89f51ecf6bc6df6af4013.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9831b282c3482dac51c808568a1c54d0d135ceacd48e1228cd7559e5b50c1bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
age
3354445
edge-cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
176
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.deccanherald.com/
content-length
11268
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100096-IAD, cache-lax10641-LGB, cache-iad-kiad7000047-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 08:29:01 GMT
server
nginx
x-timer
S1683835588.794641,VS0,VE0
etag
"f364167b0019b2c4592f1c3b282ecf83"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 6, 13
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
39 KB
40 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb551ae3191b43f698484ff839c96f202f65d4971f3c094f10efa8a737481448

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
4879139
edge-cache-tag
356663971345648207517802745915964355189,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
215
req-referer
https://www.yumpu.com/
content-length
40348
x-request-id
5ef5b5a245314f9dbd8b46d8aeaadccb
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000142-IAD, cache-iad-kcgs7200097-IAD, cache-lax10673-LGB, cache-iad-kiad7000095-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 16 Mar 2023 00:30:54 GMT
server
nginx
x-timer
S1683835588.804797,VS0,VE0
etag
"e75be195c7148524d7c7638c88780baa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 1, 271, 2
100c03df2b0c9f2b87eab600bd0a19a0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/100c03df2b0c9f2b87eab600bd0a19a0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fefff4eb67be125e9acda1cb3374802f5980756a95b265c96d5d9dce243af04b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/100c03df2b0c9f2b87eab600bd0a19a0.png
age
2536622
edge-cache-tag
335430466280640400226351122835675618192,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
335430466280640400226351122835675618192,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
112
expiration
expiry-date="Tue, 18 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.huffpost.com/
content-length
24682
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200037-IAD, cache-iad-kcgs7200126-IAD, cache-lga21981-LGA, cache-iad-kcgs7200059-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 18 Mar 2023 13:14:44 GMT
server
nginx
x-timer
S1683835588.806805,VS0,VE0
etag
"4ec89e6380891928919d4929e6cab998"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 12, 2
9b530b5328337287aa589ea99bc476a9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b530b5328337287aa589ea99bc476a9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f41f25d5afc75f427b83012202454df6929af6614233391464977d3c45dfbc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b530b5328337287aa589ea99bc476a9.png
age
3244793
edge-cache-tag
392649510300123882777020332852293408702,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
392649510300123882777020332852293408702,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
209
expiration
expiry-date="Thu, 20 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://newstral.com/
content-length
32482
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kcgs7200130-IAD, cache-lax10626-LGB, cache-iad-kjyo7100035-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 20 Mar 2023 08:50:02 GMT
server
nginx
x-timer
S1683835588.822368,VS0,VE0
etag
"08b74f576ad264d2e42f595e44998cc1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 62, 2
bulk-metrics
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
246 B
XHR
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
df3a4ac5ade89f51ecf6bc6df6af4013.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3ef9fbad3926440b6ca55d62cdcd277133f7775b1fba87aefc1fbf126991677

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
age
1857342
edge-cache-tag
559446151399961218454964529176607870239,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
559446151399961218454964529176607870239,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
48
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.jamaicaobserver.com/
content-length
3762
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000051-IAD, cache-iad-kcgs7200164-IAD, cache-lga21957-LGA, cache-iad-kjyo7100145-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 03 Apr 2023 05:14:57 GMT
server
nginx
x-timer
S1683835588.822623,VS0,VE2
etag
"93e001c23a7b90eb22147f162ecba3dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 5, 1
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07BC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 19:10:58 GMT
expires
Fri, 10 May 2024 19:10:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5177
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d74af5a5adc5c6f3e9f61aa8950f6b0b7127b106126547e815a74823c2ea9360
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NO1YTRcZ4hSyXdSEc7P1LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NO1YTRcZ4hSyXdSEc7P1LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:06:27 GMT
expires
Thu, 11 May 2023 20:06:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
df3a4ac5ade89f51ecf6bc6df6af4013.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3ef9fbad3926440b6ca55d62cdcd277133f7775b1fba87aefc1fbf126991677

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
age
1857342
edge-cache-tag
559446151399961218454964529176607870239,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
559446151399961218454964529176607870239,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
48
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.jamaicaobserver.com/
content-length
3762
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000051-IAD, cache-iad-kcgs7200164-IAD, cache-lga21957-LGA, cache-iad-kjyo7100145-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 03 Apr 2023 05:14:57 GMT
server
nginx
x-timer
S1683835588.857853,VS0,VE0
etag
"93e001c23a7b90eb22147f162ecba3dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 5, 2
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 07BC
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 17:50:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
8186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 17:50:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5177
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305080101&jk=1290437441629794&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

st
imprammp.taboola.com/ Frame C4DF
422 B
625 B
Document
General
Full URL
http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683835587972&uv=3275&tms=1683835587972&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=91095f79-cb40-4588-94d1-c29bcace532a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44fdf8e86ebc1532b362f264d1100c76103ff724160b49d9efa0e1b4d81b2828

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 May 2023 20:06:28 GMT
Server
nginx
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230076-FRA
X-Timer
S1683835588.005944,VS0,VE10
transfer-encoding
chunked
sync
am-match.taboola.com/ Frame 472E
577 B
662 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
cf2b69892f79ce42a2f684f6af8cfb6023a82199762b0845151f5dc7af1bb93e

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 11 May 2023 20:06:27 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
1 KB
1 KB
XHR
General
Full URL
http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683835587977&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1518&pt=876413334&tz=0&viewable=true&ddast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

X-Cache-Hits
0
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Encoding
gzip
Via
1.1 varnish
MachineId
1441
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-fra-eddf8230065-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1683835588.027175,VS0,VE508
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
112 B
Image
General
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=31589837&cb=1683835587972&uv=3275&tms=1683835587972&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1683835586010.6!ts:1683835587972&mntl=1
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
knt95pypdqutanj75nl6.mp4
cdn.taboola.com/libtrc/static/video/v1677508449/
287 KB
0
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1677508449/knt95pypdqutanj75nl6.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
1S8xjQaKPEHXzmVpq5L9HnIzhuynIjCp
date
Thu, 11 May 2023 20:06:27 GMT
via
1.1 varnish
x-amz-request-id
DM032HG2AGQSG8H6
age
20
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-536888/536889
x-amz-replication-status
COMPLETED
Content-Length
536889
x-amz-id-2
F/tEAI4Yg/OzGdjw71aHmauPgIWnuPyQPcAAh1gbdezzRMAJy6adHzubKeovI103U8b0UUBpSG4=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Mon, 27 Feb 2023 14:34:14 GMT
server
AmazonS3
x-timer
S1683835588.991299,VS0,VE2
etag
"1f2c421f86e19fb3e3827dc698e9f438"
content-type
video/mp4;codecs=avc1
abp
22
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
generate_204
tpc.googlesyndication.com/ Frame 07BC
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?scMjXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 472E
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 472E
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:5e70:3935:160a:9425 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 5FAF
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 May 2023 20:06:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C4DF
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683835587972&uv=3275&tms=1683835587972&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=91095f79-cb40-4588-94d1-c29bcace532a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C4DF
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683835587972&uv=3275&tms=1683835587972&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=91095f79-cb40-4588-94d1-c29bcace532a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:5e70:3935:160a:9425 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame C4DF
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683835587972&uv=3275&tms=1683835587972&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=91095f79-cb40-4588-94d1-c29bcace532a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.1.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-1-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 133B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYHXplefRe-kbSIIRiI4bFvpSh1OafkUVxkR6z3QbxkFzajsyaR_vgOf-j1tqqyeayMh39RJw8_yi9ZEve0U3r_C6GsL-HOUf4W4QNEDATwuVi9rmyFpF7gMh1YCIXNZD4tC33KsRH0y9b_70sVyoA0O3Prp0YxPz9h8jrotu897g64a2goSJmqXMeffPruK4sIRJTW6MeDctAfwabd88wIBwC5wDH1AAnWPohBDgFljv5jDYEeZHDFdF0bDgzmWP4eQ353s27Pu6adqMox6nDo_RCKvC7uTgZq81YFF5zpUamiu0TVK_WkzqcdmeBAMhhDDvuZojvyRmQVLBho14_ZDSfX1M&sai=AMfl-YRnkCmg1rRcIVyCzkZyq0cZUegtl-aNTXzE1ZUB9ZcYqnxs5c7iefQ0NV4ioqWH5sXLTpFc45Xz2HMcIjOR5eyXjpfflPOAdiaKUO5pp5JKgB1pp6VjmjvtF80eWVhSQj_wL5O17AQ23jUH9l0&sig=Cg0ArKJSzF6NslKUgbuYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:06:28 GMT
script.js
dpjgrnd6i7dk0.cloudfront.net/ Frame 133B
121 KB
42 KB
Script
General
Full URL
https://dpjgrnd6i7dk0.cloudfront.net/script.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4c00:c:aa3e:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b55761bd6e09c47961fde7ad9d3bfffc1e403d69ea0938f8a0eaddd78368cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
UYSuGqlOcgcdh1vMgF8lRun8VAhq88hF
content-encoding
gzip
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
date
Thu, 11 May 2023 20:00:39 GMT
last-modified
Wed, 10 May 2023 18:49:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
350
x-amz-server-side-encryption
AES256
etag
W/"47f6abde7887f167ccbd8bfd27a918b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
TjaGhTEKRip-3TnhOpEK0VmmvnbdWBxWyxCVHDenKDAFAzVNffk85w==
nmedianet.js
contextual.media.net/ Frame 133B
127 KB
46 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6130a60a0dfcf412d573c061417a33a0bd80324a730e57439e03e6e3e3257fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
22-ks67
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:06:28 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-jxfb
timing-allow-origin
*
expires
Thu, 11 May 2023 20:11:28 GMT
log
qsearch-a.akamaihd.net/ Frame 133B
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587520&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=4985960420869022375&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=2.3840&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=52&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=120x600&f_seg=&prdp=0.3264&ogcbdp=0.6800&dfpbd=0.3264&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202305111435_generic_appn_2-cid_1&viewability=0.4500&dmm_r=0.2990&cut=52&dmm_l=0.2990&as_cache=0&tcyerpm=&content_language=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683835587122&cc=DE&strg=harmony&ss=&video_maxdur=-1&current_hour=20&time_stamp=2023-05-11+20%3A06%3A27&content_network=&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.6800&ct=erfurt&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=31103&bdp_bucket=0.60&algo=unison12&dc=eu_be&splid=27587520&dim4=exploration&erpm_mult=1.000000&dn=ultrasurfing.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&dmm_m10=920286&bdp_wider_bucket=1&acid=f9f6cbbe3b5a4dd4a287003bdc1659b6&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.4630&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3960090&dmm_m1=2023-05-11+20%3A06%3A27.125008911&e_rpm=0.2260&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.4630&cid=8CUH5EN48&bcrid=424785534&rawbid=0.6800&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-jp9lv.BE&dfp_bucket=0.3&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=3648182784&advurl=generalsearch.net%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=50&gpid=27587520&iwb=1&dmm_d22=0.07&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=0.68
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.21.20.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:06:28 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 133B
71 KB
25 KB
Script
General
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:06:28 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:06:28 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 133B
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1337049
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230114-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683835588.148221,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1419216
it
ams3-ib.adnxs.com/ Frame 133B
0
933 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fultrasurfing.com%252F&e=wqT_3QK5BOg5AgAAAwDWAAUBCMOV9aIGEO7xr-Sc0L2EVxgAKjYJd76fGi_d1D8RZ7gBnx9G0D8ZAAAAoEfhyj8hZw0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvD9mAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMXoAMBqgNBEhg0OTg1OTYwNDIwODY5MDIyMzc1X3NiaWQaEzYyNzE1MzM1MTg0NTYzNTUwNTQiCTQyNDc4NTUzNCoFTTExNzPAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBP4hHViIBQGYBQCgBafFuLDgkuyYRcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBaBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQI2gcGAVxwGADgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=c9fd300543e3862681fd622a44b595e62bd79f6c
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
c32e0f71-a390-4652-ba91-2f1cd8a87425
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 133B
169 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:06:28 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 8BE8
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
262561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 8BE8
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
262561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 8BE8
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
262561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 8BE8
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
262561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 8BE8
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
262561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
css
fonts.googleapis.com/ Frame 8BE8
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 20:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 18:37:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 20:06:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 02AA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN8wtgkcSxJViKkgLL_AsenVdQZKyEGMiGVC4HnYxQcgPToA4lCjztN6T4mZ6SIar95R_2pdydwA9Rl1J3rXdq813Cs5c_SiRP4maW4puFYMt-YWT-jvR50R9BsNipHJisS25owMc0QLjXw_MNI5rsmgS-GsDH7XxX05aSB96JBMc2Qi-MJKvsosxu30gaphZG9D8z9jxXpKdlx46Do1amYnGTQ8COmRzEHOigDg8ztjy5ZnvWMkOZvEZPN700U5CacQaACg64wKGYCGAIMKz9XCNeymHezRxaibQzUGkYoFHvB7zpxVcOLhVtXkqu13bf7Yx5By6TU1eMz60eTrPw&sai=AMfl-YSrprpwjB4OXpwyFIkEzdhsfVzyz24VYVu58hm1CA9ky3xGV1ze983LXIPRX3iqBzHT3jInPMZ7CT2089MiVti9YCLBDaJoA1assudkb2W-h2i79XsCyR7A-RLAN9SS8_tgLr_LzwHSX_oLZ10&sig=Cg0ArKJSzJeJQiO4DZCkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:06:28 GMT
nmedianet.js
contextual.media.net/ Frame 02AA
127 KB
46 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1c472226f24574b8461a62bfeddceda70b2cfbf007d8ba0e7cf8a7e245676e30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
22-ks67
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:06:28 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-jxfb
timing-allow-origin
*
expires
Thu, 11 May 2023 20:11:28 GMT
log
qsearch-a.akamaihd.net/ Frame 02AA
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587518&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=1114560017445169089&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=5.3601&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=36&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=300x600&f_seg=&prdp=0.8704&ogcbdp=1.3600&dfpbd=0.8704&server=1&ogerpm_wd_bkt=1-2&vskip=-1&model_version=202305111435_generic_appn_2-cid_1&viewability=0.5700&dmm_r=0.3310&cut=36&dmm_l=0.3310&as_cache=0&tcyerpm=&content_language=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683835587090&cc=DE&strg=harmony&ss=&video_maxdur=-1&current_hour=19&time_stamp=2023-05-11+20%3A06%3A27&content_network=&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=1.3600&ct=erfurt&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=31103&bdp_bucket=1.50&algo=default&dc=eu_be&splid=27587518&dim4=exploration&erpm_mult=1.000000&dn=ultrasurfing.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&dmm_m10=851377&bdp_wider_bucket=2&acid=54290ea0d8a74da897af7acacc1b6edc&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.4900&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3802303&dmm_m1=2023-05-11+20%3A06%3A27.093866420&e_rpm=0.2660&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.4900&cid=8CUH5EN48&bcrid=424785976&rawbid=1.3600&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-9957k.BE&dfp_bucket=0.5&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=3648182784&advurl=generalsearch.net%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=35&gpid=27587518&iwb=1&dmm_d22=0.08&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=1.36
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.21.20.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:06:28 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 02AA
71 KB
25 KB
Script
General
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:06:28 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:06:28 GMT
it
ams3-ib.adnxs.com/ Frame 02AA
0
933 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLoBPBMaAIAAAMA1gAFAQjDlfWiBhCP7cmnp4a2smQYodHDnt-roNMqKjYJ16NwPQrX6z8RZRniWBe35T8ZAAAAwPUozD8hZRniWBe35T8p16MJJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgULjwxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvD9mAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvb_W-oCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMTExNDU2MDAxNzQ0NTE2OTA4OV9zYmlkGhM3MjM0MTQ0NjEyNjg1ODcwNzM1Igk0MjQ3ODU5NzYqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjIzqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLghHfA-iAUBmAUAoAXBz7CF5M3tuw-qBSRmZTI3NjVhOC0zOGJjLTRhNjYtOWQzMS01MTQ5NTVhMjhmY2TABQDJBQAAAQIU8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWgQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0VYwEkCNoHBgFccBgA4AcA6gcCCADwB5H4AYoIAhAAlQgAAIA_mAgB&s=f583fd1cf1f86b054f1f355ecc14233d04185a72&pp=0.64467
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
c739c1a0-5d72-4551-afcb-12e88a843f3a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 02AA
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1337049
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230114-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683835588.180106,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1419217
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02AA
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:06:28 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BE8
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 08:26:03 GMT
x-content-type-options
nosniff
server
cafe
age
42025
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 12 May 2023 08:26:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BE8
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 11:14:15 GMT
x-content-type-options
nosniff
server
cafe
age
31933
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 12 May 2023 11:14:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8BE8
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cprxgw0pdZNeTIpmuxwKj6q6QDcuJ_cJw78WR5MMR2dkeEAEghveGJmCVgoCAwAegAbbg7LoDyAEB4AIAqAMBqgSaAk_Qp6YYoSTsGVL9upp21wfNjnevuaCX0X5tUxUlItcyxMh7qAyUtn74CXK_R0Y63WhmG0UptauPV9BcNAuU_R4LXl0Dio4kNzuj8RXsLF7YPlLfjTUkJMSsQUyKz8reL65Snr7b_kYDFPfL6UUfPhTJ3e0KLIYqagVYQXgiMgDN3SWz9C3a-G0dUgzV5_kSjYUO63G-F8Vf7K2ETEte5_pKKF-b8OIyT3GtMp0yI7aJqikGDrlMscR5NMH02Qch96GzwqD-pr9MPILKRmnc1h7ZJsdzV-Uho7x-9Z_RLr45Ot22wDT2mw7Mf0X0dc6RRjsF-zEpKfdG193LBERsSgl5C3bItHFYLxbu5U_Z_yNBbfhOoKJVQAo2_MAEs_jPo6gE4AQBkgUECAQYAZIFBAgFGASAB7Kfk0WoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCyxwXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMCiBQD0BUBgBcBshceChwIABIUcHViLTg1ODYyNjUwMTE2MjQxMDcYgdQc&sigh=x1fzdIbIaf4&uach_m=[UACH]&cid=CAQSSwBygQiD2drPgYFl1ICYdB8eNPuX2IkKLj19UNmBbdcs3y3c8GXKXLjR48nB1fqWcpRLfO38G3nKeeXmnrfkeWg6O-SazRnBZWh0UxgB&template_id=5001
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

14763004658117789537
tpc.googlesyndication.com/simgad/140792750924833060/ Frame 8BE8
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/140792750924833060/14763004658117789537?w=100&h=100
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8050a13234a52818d6d2f3983e2c5af15c698cb8a1a40885e037305130ffb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 03:49:43 GMT
x-content-type-options
nosniff
age
490605
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1873
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 08:48:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 03:49:43 GMT
truncated
/ Frame 8BE8
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c4f308a5f30f1ccb4f873ec45abdc19990b882f73828b1fb229ad58b6ed242a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
pv
tra.neodatagroup.com/
Redirect Chain
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1092966682000&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@...
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1092966682000&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@...
232 B
1 KB
Script
General
Full URL
https://tra.neodatagroup.com/pv?sid=2033&rnd=1092966682000&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=6a914654-6fed-416d-a36f-88694a31f015;pubcid;PublisherCommonId&pbs=true&neoid=31018d81dee05d0
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e0e4c3852be70c161c8d90e441c1fc2f4c3e8cec473d7e51140e9f3a467325a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive

Redirect headers

Access-Control-Allow-Origin
*
Location
/pv?sid=2033&rnd=1092966682000&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=6a914654-6fed-416d-a36f-88694a31f015;pubcid;PublisherCommonId&pbs=true&neoid=31018d81dee05d0
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
js
pixel.mathtag.com/sync/
Redirect Chain
  • http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000
2 KB
2 KB
Script
General
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000
Protocol
HTTP/1.1
Server
104.111.216.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown" /
Resource Hash
06cbdddf719979fe4d5dcac344771f5766b40226d5b80ea66b61615035acb088

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1567
Expires
Thu, 11 May 2023 20:06:27 GMT

Redirect headers

Date
Thu, 11 May 2023 20:06:28 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:06:27 GMT
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1092966682000
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=5244989658897313269&rt=img&rnd=1092966682000
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=5244989658897313269&rt=img&rnd=1092966682000&neoid=31018d81e1a05aa
1 B
1 KB
Image
General
Full URL
https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=5244989658897313269&rt=img&rnd=1092966682000&neoid=31018d81e1a05aa
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin
*
Location
/cm?sid=1&pv=APN&eid=5244989658897313269&rt=img&rnd=1092966682000&neoid=31018d81e1a05aa
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1092966682000
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1092966682000&google_gid=CAESEL2sfQ1YbiauLJgljV25iNE&google_cver=1
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1092966682000&google_gid=CAESEL2sfQ1YbiauLJgljV25iNE&google_cver=1&neoid=31018d81e2205a3
1 B
1 KB
Image
General
Full URL
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1092966682000&google_gid=CAESEL2sfQ1YbiauLJgljV25iNE&google_cver=1&neoid=31018d81e2205a3
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin
*
Location
/cm?pv=dbm&sid=1&rt=img&rnd=1092966682000&google_gid=CAESEL2sfQ1YbiauLJgljV25iNE&google_cver=1&neoid=31018d81e2205a3
Date
Thu, 11 May 2023 20:06:28 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
generic
match.adsrvr.org/track/cmf/
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cms
ups.analytics.yahoo.com/ups/58681/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=1092966682000
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1092966682000
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1092966682000
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1092966682000
content-type
text/html
cache-control
no-store
content-length
369
usync.js
eus.rubiconproject.com/ Frame 5FAF
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8846180af4c5402d3a9eccff27202a85c7235d96e826a3648254d684abc6daf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 12:27:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58897
Connection
keep-alive
Content-Length
10020
Expires
Fri, 12 May 2023 12:28:05 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 5FAF
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LHJK8E7W-1N-E7QT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 8BE8
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 22:26:30 GMT
x-content-type-options
nosniff
age
423598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 22:26:30 GMT
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 11 May 2023 20:06:28 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 133B
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 24F8
77 KB
27 KB
Document
General
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6af97b10fc04644cd38a6bfa80b7b9ba81598f92dceb5b24fa8fb545a2d29143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
27572
content-type
text/html
date
Thu, 11 May 2023 20:06:28 GMT
expires
Thu, 11 May 2023 20:06:28 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-mq4v
checksync.php
contextual.media.net/ Frame 338E
15 KB
6 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:06:28 GMT
expires
Sat, 13 May 2023 20:06:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 02AA
35 B
185 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=1917&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=647316259&vi=1683835588794091889&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785070&r=1683835588219&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&ssld=%7B%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22_q%22%2C%22QQN75%22%3A%22JLkxL7%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1683835588168634419&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p1690801221t202305112006&vgd_pgids=1&vgd_uspa=0&hvsid=00001683835588216036481827849110&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:06:28 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:28 GMT
checksync.php
contextual.media.net/ Frame 80F7
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:06:28 GMT
expires
Sat, 13 May 2023 20:06:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 02AA
35 B
200 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4529&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=1114560017445169089&vid=1114560017445169089&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=TH&ct=erfurt&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-9957k.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=31103&gender=O&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=185.89.211.43&s_city=amsterdam&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=29&pvid=462&prvAccId=647316259&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=30650021786480_126529259_10163351444621&reqsize=300x600&size=300x600&chnl=HARMONY&bdp=1.360&cbdp=0.870&og_cbdp=1.360&ogbdp=1.36&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.870&dt=O&dbf=1&epc=647316259&s=1&snm=SUCCESS&pcrid=8CU62MU8E-647316259-19-13&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=57&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683835587090&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785976&strg=HARMONY&stagid=27587518&vls=0&scrid=424785976&mang=1&pvdTmax=109&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587518&mx_tgs=120x600%7C160x600%7C300x250%7C300x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587518&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=54290ea0d8a74da897af7acacc1b6edc&rtime=13.0&wsip=mowx-7d6f88db94-ptlck&ltime=20.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=7234144612685870735&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587518&insl=0&mowxReqId=54290ea0d8a74da897af7acacc1b6edc_1&ecp=0.22&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587518&supplyTagId=27587518&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=22&debug_ts=2023-05-11+20%3A06%3A27&__expireat=1683836187346&mview=1&rme=adm&bdata=~bx_len%3D932~bid%3D1.360~bx_asn%3D31103~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000000~bx_size%3D300x600~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DERFURT~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D50~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.08~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D2~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.080~dmm_m1%3D0.266~dmm_m10%3D1.000~dmm_m11%3D0.973~dmm_m12%3D0.490~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.030~dmm_m16%3D0.281~dmm_m2%3D0.163~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D151.000~dmm_m36%3D151.000~dmm_m39%3D167.000~dmm_m40%3D167.000~dmm_m5%3D1.000~dmm_m51%3D151.000~dmm_m52%3D0.565~dmm_m6%3D1.000~dmm_m7%3D0.490~dmm_m9%3D1.000~dmm_r%3D0.331~e_rpm%3D0.266~erpm%3D0.266~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D217.114.218.0~r_sc%3DTH~rbo%3D5_3~seller_tag_id%3D27587518~std%3D27587518~visibility%3D1~supply_tag_id%3D27587518%7Eviewability%3D0.565079%7Ecbdp%3D1.360%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D1.360%7Eitype_id%3D16%7Eseller_tag_id%3D27587518%7EcarrierId%3D0%7Edcut%3D35%7Edogb%3D1-2~ibc%3D1~&utime=1141&sf=0&cpr=0.4465621607109955
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.244.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:28 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5065
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
49457
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 11 May 2023 20:06:28 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1020, 335677
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230102-FRA
X-Timer
S1683835588.337806,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 02AA
0
933 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKmBPBMJgIAAAMA1gAFAQjDlfWiBhCjm9yh0-2ZrTgYodHDnt-roNMqKjYJyXa-nxov1T8RS80eaAWG0D8ZAAAAoEfhyj8hS80eaAWG0D8pyXYJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgArX7XOoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA7uiNuADAOgDAPgDA4AEAJIEEC9vcGVucnRiMi9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4yM6gEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AT-7MbKAYgFAZgFAKAFwc-wheTN7bsPqgUkZmUyNzY1YTgtMzhiYy00YTY2LTlkMzEtNTE0OTU1YTI4ZmNkwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAABUt0AAAQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JDSMFJAzaBwYIBQlo4AcA6gcCCADwB5H4AYoIAhAAlQgAAIA_mAgB&s=21b2a6cc3418dc9690307d5ffc763b2bae5f1321&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
27431e94-8360-4d74-9cb9-cce80e03f7b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 5FAF
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5FAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ4YTFkNmIzYzE2YTVlNmM2MWRkYzE4N2VjNWNkNzViODA0MDQzYQ&gdpr=1&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ4YTFkNmIzYzE2YTVlNmM2MWRkYzE4N2VjNWNkNzViODA0MDQzYQ&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQ4YTFkNmIzYzE2YTVlNmM2MWRkYzE4N2VjNWNkNzViODA0MDQzYQ&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
q2RDFfXA-sxlN2EvlI1Uisn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 5FAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/q2RDFfXA-sxlN2EvlI1Uisn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
0
531 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/q2RDFfXA-sxlN2EvlI1Uisn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2a05:d018:d29:3601:5e70:3935:160a:9425 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/q2RDFfXA-sxlN2EvlI1Uisn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5FAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJK8E7W-1N-E7QT&gdpr=1&us_privacy=1---
0
798 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJK8E7W-1N-E7QT&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
2620:109:c002::6cae:a14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:29 GMT
Server
Play
X-Li-Pop
prod-lva1-x
LinkedIn-Action
1
X-Li-Fabric
prod-lva1
X-LI-Proto
http/1.1
Connection
keep-alive
content-length
0
X-LI-UUID
AAX7cIYvoGDekbiRYl+7JQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJK8E7W-1N-E7QT&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5FAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhKSzhFN1ctMU4tRTdRVA==&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEHR0BTddmNy7NZIQQj2RRs0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKSzhFN1ctMU4tRTdRVA==&google_push=&gdpr=1
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKSzhFN1ctMU4tRTdRVA==&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKSzhFN1ctMU4tRTdRVA==&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
dcm
s.amazon-adsystem.com/ Frame 5FAF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RPDD8TJ15Q9GAAESYPC2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
68FM4MAARM193TTN99Q1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5FAF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4H6HJMTT7M44061FKHSB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R2250K3NYGN1YW88N4GD
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5FAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECvYQvjhwU33fpfuU05GmGo&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECvYQvjhwU33fpfuU05GmGo&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECvYQvjhwU33fpfuU05GmGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8BE8
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date
Thu, 11 May 2023 20:06:28 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control
private
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 02AA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUf0tIPxuIhovUF_uraT_hiubNsRy7f8GNS6GO6KaSpSWw1k0YOdW8hxQ-9eOnPy09JciTNF2DQKGK2BtcPMNNRhD0Icf2Ug4fQ-OYKRX1cY3t7ATjSe5Go3d_q4N6i7fl2stjLd8hMZOF3mjU41epRDVJGW0rbuCihoGSdVyKqRvHZEyo5Z9kkrCSfrAJ_V6y3h-U9FGNPhizO0R5oOZK2XLqPqOCPHMwWI9ysmT1ONpz8e2XU2MV3GJ5CXXvZq5mRFP67B2UedRaSWEDrdTaR2PccfKVWxnzgCbLWW-U76JByrgP0BjqFdT5oONbbC1rMgIS20qW4H1tTBGSoPlHuZQ&sai=AMfl-YTu5wwK39e-vuIHCSFa_YoKuqVO7t0Vz25SOio6kPUikpNonzaw1gfNhhBK9in9kkrVfEh7o_YItMJjZgk_dzaxN9LoSgo-X5EK_-swWCci2eD8ZdMDAOYB37LRMwiur5GODcYq3HMpdbvyjKc&sig=Cg0ArKJSzNL8BE1tgM3sEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:06:28 GMT
truncated
/ Frame 02AA
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
511a8f96c62dcc3f40b4fdd83c233df498dd27235c0c61fbef6bb14a5e06f8ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 39FA
76 KB
27 KB
Document
General
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588872392107&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&perf=1&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a311330834e6cdf5ee2dec719f329ddc2dc8f93af650ae0cec88aca04b81936c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
27598
content-type
text/html
date
Thu, 11 May 2023 20:06:28 GMT
expires
Thu, 11 May 2023 20:06:28 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-mq4v
checksync.php
contextual.media.net/ Frame 107F
15 KB
6 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:06:28 GMT
expires
Sat, 13 May 2023 20:06:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 133B
35 B
185 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=1932&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=813823675&vi=1683835588872392107&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785070&r=1683835588453&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22_q%22%2C%22QQN75%22%3A%22JLkxL7%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1683835588167570853&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p1690801221t202305112006&vgd_pgids=3&vgd_uspa=0&hvsid=00001683835588450036481827848647&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:06:28 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:28 GMT
checksync.php
contextual.media.net/ Frame B181
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:06:28 GMT
expires
Sat, 13 May 2023 20:06:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 133B
35 B
200 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4518&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=4985960420869022375&vid=4985960420869022375&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=TH&ct=erfurt&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-jp9lv.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=31103&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=185.89.210.119&s_city=amsterdam&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=37&pvid=462&prvAccId=813823675&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=57407471154378_1306896684_10163351424621&reqsize=120x600&size=120x600&chnl=HARMONY&bdp=0.680&cbdp=0.326&og_cbdp=0.680&ogbdp=0.68&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.326&dt=O&dbf=1&epc=813823675&s=1&snm=SUCCESS&pcrid=8CU62MU8E-813823675-19-7&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=45&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683835587122&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785534&strg=HARMONY&stagid=27587520&vls=0&scrid=424785534&mang=1&pvdTmax=108&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587520&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587520&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=f9f6cbbe3b5a4dd4a287003bdc1659b6&rtime=13.0&wsip=mowx-7d6f88db94-xtzmk&ltime=26.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=6271533518456355054&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587520&insl=0&mowxReqId=f9f6cbbe3b5a4dd4a287003bdc1659b6_1&ecp=0.21&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587520&supplyTagId=27587520&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=27&debug_ts=2023-05-11+20%3A06%3A27&__expireat=1683836187379&mview=1&rme=adm&bdata=~bx_len%3D946~bid%3D0.680~bx_asn%3D31103~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000000~bx_size%3D120x600~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DERFURT~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D30~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.07~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.076~dmm_m1%3D0.226~dmm_m10%3D1.000~dmm_m11%3D0.960~dmm_m12%3D0.463~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.996~dmm_m16%3D0.237~dmm_m2%3D0.163~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D151.000~dmm_m36%3D151.000~dmm_m39%3D167.000~dmm_m40%3D167.000~dmm_m43%3D0.740~dmm_m5%3D1.000~dmm_m51%3D151.000~dmm_m52%3D0.453~dmm_m6%3D1.000~dmm_m7%3D0.463~dmm_m9%3D1.000~dmm_r%3D0.299~e_rpm%3D0.226~erpm%3D0.226~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D217.114.218.0~r_sc%3DTH~rbo%3D5_3~seller_tag_id%3D27587520~std%3D27587520~visibility%3D1~supply_tag_id%3D27587520%7Eviewability%3D0.452681%7Ecbdp%3D0.680%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D0.680%7Eitype_id%3D16%7Eseller_tag_id%3D27587520%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&utime=1353&sf=0&cpr=0.5945370128793701
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.244.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:28 GMT
rd_log
ams3-ib.adnxs.com/ Frame 133B
0
933 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QL4A-j4AQAAAwDWAAUBCMOV9aIGEO7xr-Sc0L2EVxgAKjYJd76fGi_d1D8RZ7gBnx9G0D8ZAAAAoEfhyj8hZw0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvC8mAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDu6I24AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjIzqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT-AdxYiAUBmAUAoAWnxbiw4JLsmEXABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWgQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0VYwEkCNoHBgFccBgA4AcA6gcCCADwB5H4AYoIAhAAlQgAAIA_mAgB&s=c8a91414342ca012d14d0feacb609207296081c5&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
816934b1-cfb6-4632-bbbd-b56aed6bfc9c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 02AA
0
955 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLoBPBMaAIAAAMA1gAFAQjDlfWiBhCP7cmnp4a2smQYodHDnt-roNMqKjYJ16NwPQrX6z8RZRniWBe35T8ZAAAAwPUozD8hZRniWBe35T8p16MJJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgULjwxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvD9mAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvb_W-oCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMTExNDU2MDAxNzQ0NTE2OTA4OV9zYmlkGhM3MjM0MTQ0NjEyNjg1ODcwNzM1Igk0MjQ3ODU5NzYqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjIzqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLghHfA-iAUBmAUAoAXBz7CF5M3tuw-qBSRmZTI3NjVhOC0zOGJjLTRhNjYtOWQzMS01MTQ5NTVhMjhmY2TABQDJBQAAAQIU8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWgQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0VYwEkCNoHBgFccBgA4AcA6gcCCADwB5H4AYoIAhAAlQgAAIA_mAgB&s=f583fd1cf1f86b054f1f355ecc14233d04185a72&type=nv&nvt=5&jm=1003&px=975&py=487&bw=300&bh=600&sid=3156532161339679560&vd=ct~0|rr~0&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587518&sw=1600&sh=1200&pw=1600&ph=7660&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
e9c771dd-f1c9-4b25-aadd-b5272b10eeb6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bulk-metrics
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
246 B
XHR
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f8f46dd93a194869c3c324a6cf9ab08e&sd=v2_fd26d40562cb9133c2d10c614d5c925d_095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043_1683835587_1683835587_CIi3jgYQ8-NDGJSUsOOAMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043&pi=/&wi=-1709852854480885386&pt=home&vi=1683835587092&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1683835588551%7D&tim=20%3A06%3A28.551&id=2944&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
178901950__djrnRRig.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
36 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/178901950__djrnRRig.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d8a373447aeea8fca14633f25e8c238ad3066a602341e80133d07e2160df825

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/178901950__djrnRRig.jpg
age
207547
edge-cache-tag
459859920357593644574746681135016834503,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
459859920357593644574746681135016834503,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
831
req-referer
https://www.techradar.com/
content-length
37276
x-request-id
9221ba524ac8e517abe7b32a2b72c2b6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000066-IAD, cache-iad-kjyo7100107-IAD, cache-chi-klot8100157-CHI, cache-iad-kjyo7100105-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 09 May 2023 09:04:54 GMT
server
nginx
x-timer
S1683835589.569780,VS0,VE2
etag
"8c0a6139f74eb4942c89f48e5817ecea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
c03c96c9b4de3555895fe3049b59e568.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1cc6f0e0f1e062b75078a577b806993504667e29f02a185b2ba377033e42e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
age
1325108
edge-cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sun, 21 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tennisnet.com/
content-length
21702
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kcgs7200115-IAD, cache-chi-klot8100031-CHI, cache-iad-kjyo7100029-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 20 Apr 2023 10:20:52 GMT
server
nginx
x-timer
S1683835589.569776,VS0,VE0
etag
"a5023ce1e0c6904084ddb4bbd995d09e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 2
9739321093be53fb62c34e20e00a836a.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_483,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_483,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9739321093be53fb62c34e20e00a836a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
004ca736c3ee3301e2b75dfb408c1627d69caaad8da15eeabc1f0ba580721634

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_483,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9739321093be53fb62c34e20e00a836a.jpg
age
4103819
edge-cache-tag
564503101216223817324981384865754661483,530826444479953630890946424697652514818,29ecf9b93bbf306179626feeda1fab70
cache-tag
564503101216223817324981384865754661483,530826444479953630890946424697652514818,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Sat, 25 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dl.gmx.at/
content-length
12478
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200059-IAD, cache-iad-kiad7000072-IAD, cache-lax10653-LGB, cache-iad-kjyo7100050-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 22 Feb 2023 15:03:32 GMT
server
nginx
x-timer
S1683835589.570037,VS0,VE0
etag
"f7df07f71a3dd60b395721a54c89fd20"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 8, 212
2678ad001273347bb939cd303501bc2d.jpg
images.taboola.com/taboola/image/fetch/h_370,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
28 KB
28 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_370,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2678ad001273347bb939cd303501bc2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d762c37b9e079635ca58a2f7c60afdc69d2a2e0cdc6e8ecbd2a8f4603c3106c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_370,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2678ad001273347bb939cd303501bc2d.jpg
age
1981277
edge-cache-tag
358075831811606740645932094977402904605,381718640323075955927743876679820587102,29ecf9b93bbf306179626feeda1fab70
cache-tag
358075831811606740645932094977402904605,381718640323075955927743876679820587102,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
160
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://alltagtipps.de/
content-length
28470
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100101-IAD, cache-chi-klot8100105-CHI, cache-iad-kcgs7200090-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 03 Apr 2023 19:00:29 GMT
server
nginx
x-timer
S1683835589.574665,VS0,VE2
etag
"64c321219c11b14413eb3321f23c30b5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
678ac156a0c4bc53a581aaf7880a0769.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
23 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/678ac156a0c4bc53a581aaf7880a0769.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
771bba050129df22172e67580938d066a198477596d46d63a71e9676dc02c20c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/678ac156a0c4bc53a581aaf7880a0769.jpeg
age
2716005
edge-cache-tag
476774326134776990812828568231667190765,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
476774326134776990812828568231667190765,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
332
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hibridosyelectricos.com/
content-length
23260
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200069-IAD, cache-lax10673-LGB, cache-iad-kiad7000102-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 14:30:24 GMT
server
nginx
x-timer
S1683835589.592238,VS0,VE1
etag
"05ce08fa4dd99bc32f672c969c8dcc3c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 57, 75
935ceaef813d3b4ec01293d109f9a332.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52a4f34420169a3ec8c0c1642bec820bbd9ec51e48cd99f2ef31cee93434cce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
age
555596
edge-cache-tag
358050488703395774759004428204568023971,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
358050488703395774759004428204568023971,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sat, 06 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ads.taboola.com/
content-length
14180
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200086-IAD, cache-iad-kiad7000121-IAD, cache-lga21976-LGA, cache-iad-kjyo7100101-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 05 Apr 2023 14:55:19 GMT
server
nginx
x-timer
S1683835589.591869,VS0,VE0
etag
"50f4608d6c8b5b80ef20c3cb6be3b9f7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 3
3487eb5d6b2f788de857bcd7a3709ffe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3487eb5d6b2f788de857bcd7a3709ffe.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
494bc7f2d9b90bb182b8fde93828217bcfe18ebc305a4568ef309fb5e757b40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3487eb5d6b2f788de857bcd7a3709ffe.jpg
age
2745550
edge-cache-tag
319015843359964104228869697899958667140,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
319015843359964104228869697899958667140,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
287
expiration
expiry-date="Mon, 01 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.senenews.com/actualites/sport/cristiano-ronaldo-attaque-par-un-grand-club-on-lui-a-offert-le-meme-salaire-que_430853.html
content-length
26620
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kiad7000104-IAD, cache-lax10660-LGB, cache-iad-kcgs7200156-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 31 Mar 2023 12:32:13 GMT
server
nginx
x-timer
S1683835589.593376,VS0,VE2
etag
"641d02df59bdf5cba56107546393fec9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3, 1
49e30cfb47e21c67f25095d2d7f086a6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d44617f819447bc776ee6c1926dbc6072a3fe4dcd9922ab574a384b965bfcd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
age
3740998
edge-cache-tag
594755705797379670550579562063071952825,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
594755705797379670550579562063071952825,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Thu, 30 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espncricinfo.com/
content-length
9268
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000172-IAD, cache-iad-kjyo7100134-IAD, cache-lax10660-LGB, cache-iad-kcgs7200156-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Feb 2023 10:47:10 GMT
server
nginx
x-timer
S1683835589.593227,VS0,VE1
etag
"306a97bc3390c7a2390c9d8c61c6637f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 43, 206
783a05771ea6479a7fae4ef9df57699d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/783a05771ea6479a7fae4ef9df57699d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6838e5de3147954f1965da7f593823094ff2c7f6afbf202ffdb4e01f7a893114

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/783a05771ea6479a7fae4ef9df57699d.png
age
855535
edge-cache-tag
363292511191043269566515777885724567204,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
363292511191043269566515777885724567204,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
516
req-referer
https://www.nrj.fr/artistes/beyonce/actus/double-hit-beyonce-partez-la-voir-en-concert-a-londres-71359322
content-length
7590
x-request-id
10df2913b9a883db6b843d290ac43ccd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200027-IAD, cache-iad-kcgs7200177-IAD, cache-lax10681-LGB, cache-iad-kcgs7200095-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 28 Apr 2023 08:39:56 GMT
server
nginx
x-timer
S1683835589.594495,VS0,VE2
etag
"d922a7218a7633d0931b982703d53009"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 116, 1
225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac620699086f9dd7de888f4c53c52d64a623ae218b2b739ae8d6373e9baf3beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age
2635153
edge-cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gamesradar.com/
content-length
25422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100048-IAD, cache-lga21934-LGA, cache-iad-kjyo7100153-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 10:19:03 GMT
server
nginx
x-timer
S1683835589.597814,VS0,VE0
etag
"ffbb4f2f516348d2d91eea4af6797e09"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4400, 723
e075fc1ecde96ccdfe10363f4e1f843b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
71 KB
72 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e075fc1ecde96ccdfe10363f4e1f843b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0387f488f47ed0dae7a1f8113f1c29a4a0b8d7fc9c3f7e0a05e2db37958d35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e075fc1ecde96ccdfe10363f4e1f843b.jpg
age
3639967
edge-cache-tag
349620705187353783355226756617603640198,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
349620705187353783355226756617603640198,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
883
expiration
expiry-date="Fri, 28 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
72786
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000107-IAD, cache-lax10633-LGB, cache-iad-kiad7000091-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 28 Mar 2023 10:10:40 GMT
server
nginx
x-timer
S1683835589.612453,VS0,VE3
etag
"2f9ce7bbf334a0198fa825eb7cec4978"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 1, 1
d9f23c974764386b8d7fbc5f9c27f921.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
33 KB
34 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9f23c974764386b8d7fbc5f9c27f921.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eba852d9dbbd20a129bfae63c4aa112651632a0a2ee01cbf744e585fa750d4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9f23c974764386b8d7fbc5f9c27f921.jpg
age
2535825
edge-cache-tag
419231460865704140121274254858642222992,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
419231460865704140121274254858642222992,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
207
expiration
expiry-date="Sat, 22 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://happy-woman.com/
content-length
34010
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200074-IAD, cache-iad-kiad7000111-IAD, cache-lax10671-LGB, cache-iad-kiad7000168-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 22 Mar 2023 14:11:10 GMT
server
nginx
x-timer
S1683835589.614210,VS0,VE5
etag
"15630ea60cd3986f0538e31e20a88fe3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 1, 1, 1
0855833024cb57c9aaaba8fee6d002b8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
64 KB
65 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0855833024cb57c9aaaba8fee6d002b8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e00fe3d80ba887dcaa091251436843bf2c5fe25b4361815cbee64815e7af709

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0855833024cb57c9aaaba8fee6d002b8.jpg
age
3676964
edge-cache-tag
321355917486291476183313421562230588421,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
321355917486291476183313421562230588421,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Thu, 30 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
65934
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100135-IAD, cache-iad-kjyo7100064-IAD, cache-lga21969-LGA, cache-iad-kjyo7100108-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Feb 2023 15:20:33 GMT
server
nginx
x-timer
S1683835589.614331,VS0,VE0
etag
"3e018f420321fa91839b6549db502900"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 29, 493
02e1f35f229c20c7efb914ba2427ca2d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
37 KB
38 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e1f35f229c20c7efb914ba2427ca2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b89ed6cd00243f6c9336f2f8ba82c77898b2d03be6e4cc4fa7a8895765ce6aec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e1f35f229c20c7efb914ba2427ca2d.jpg
age
2932497
edge-cache-tag
309453021649531492516229725898506815544,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
309453021649531492516229725898506815544,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
527
req-referer
https://www.motorbiscuit.com/
content-length
38172
x-request-id
f2095a20af955ce8aec4644ed0a211bf
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kiad7000158-IAD, cache-lax10673-LGB, cache-iad-kcgs7200038-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 07 Apr 2023 16:03:43 GMT
server
nginx
x-timer
S1683835589.616154,VS0,VE2
etag
"0d73f169c6178ea2cff3d6fbdd6c2924"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 150, 1
async_usersync
ib.adnxs.com/ Frame 5065
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
fc31a8dd-0b93-4c50-9434-9c424f887d71
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_7_5/infra/
889 KB
196 KB
Script
General
Full URL
http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d

Request headers

Referer
http://ultrasurfing.com/
Origin
http://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683645077
Date
Thu, 11 May 2023 20:06:28 GMT
Via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
189948
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1683645078
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
200195
X-Served-By
cache-fra-eddf8230137-FRA
Last-Modified
Tue, 09 May 2023 15:11:19 GMT
Server
AmazonS3
X-Timer
S1683835589.689388,VS0,VE0
ETag
"f0c45468d729788adab04c7c774f6382"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
A_BYf7xjbn9f-7SxsofEkeCgC6eFyTt9MFkYiYmPSZWRa-Pu_76yxg==
X-Cache-Hits
1167
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_5/assets/css/
60 KB
10 KB
Stylesheet
General
Full URL
http://vidstat.taboola.com/vpaid/units/32_7_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683645113
Date
Thu, 11 May 2023 20:06:28 GMT
Via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
190434
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1683645114
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
9098
X-Served-By
cache-fra-eddf8230033-FRA
Last-Modified
Tue, 09 May 2023 15:11:55 GMT
Server
AmazonS3
X-Timer
S1683835589.665360,VS0,VE0
ETag
"61cb141147e307fd87ad58965536cba5"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
text/css
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
GCWOG94wCi8XX15_7jM_XXKXPkjrshNHFZgrjHY7UwtoBCxvdJuNPw==
X-Cache-Hits
29694
tkj89jlwfbbh3kjigpqe.mp4
cdn.taboola.com/libtrc/static/video/v1680769831/
562 KB
563 KB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1680769831/tkj89jlwfbbh3kjigpqe.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8157c627685ef9620478a64c85ada02d6d1771620b29c7c33856ec70381d288

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
T44UNTGLygMlVkYgztlx610SqsUiDIH1
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish
x-amz-request-id
P8JHAC4YM6Y4VAV5
age
76
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-575765/575766
x-amz-replication-status
COMPLETED
Content-Length
575766
x-amz-id-2
eUYIvpfTk47/T28COIvI6Ef98uQWEbrpLE+s9yh5/0GifMYWvnJYQM9r+w60hFJkU1zY+75VUWg=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Thu, 06 Apr 2023 08:30:39 GMT
server
AmazonS3
x-timer
S1683835589.665976,VS0,VE2
etag
"357fadaae9648c9a978abf519c6579cb"
content-type
video/mp4;codecs=avc1
abp
75
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/
1 MB
1 MB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish
x-amz-request-id
YCXTAYADE0Q44PCN
age
111
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1133441/1133442
x-amz-replication-status
COMPLETED
Content-Length
1133442
x-amz-id-2
brEkK1gBAy5w1I+JBBFqhktDqPC9gFu5UYLmEWu+W55Nu+KckCLOouP4PCjbeg3tbP525k6xFY0=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Sun, 19 Mar 2023 21:35:10 GMT
server
AmazonS3
x-timer
S1683835589.666513,VS0,VE2
etag
"5cdc25693b01a36bfabe5203c9f55c70"
content-type
video/mp4;codecs=avc1
abp
96
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
noworxsybr9shkhdf8lb.mp4
cdn.taboola.com/libtrc/static/video/v1680883593/
704 KB
705 KB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1680883593/noworxsybr9shkhdf8lb.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65946d8ba9aa49b85c1c8c55bbf0adcc7bcb18f49f78f6332a3075f0a5f38b6c

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
t79aES8xjXrhhiPsDVELHfsV5W1BIuut
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish
x-amz-request-id
QBHGDEFPPWH32RTD
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-721265/721266
x-amz-replication-status
COMPLETED
Content-Length
721266
x-amz-id-2
eymVNZ8QGjabZU5o8507v8w+VPY7xRG8JQ7cyQN4WRjeLmAX5aoA+OsI511Lc0qxkPvoryuJEp0=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Fri, 07 Apr 2023 16:06:44 GMT
server
AmazonS3
x-timer
S1683835589.666903,VS0,VE184
etag
"cf0ffbef31dab6c3c47c76ae4aa4cd1c"
content-type
video/mp4;codecs=avc1
abp
24
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
c83f978d-3898-4723-b233-d477e613ca53.jpg
contextual.media.net/kimg/new/175x95/2/243/104/11/ Frame 24F8
20 KB
20 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/2/243/104/11/c83f978d-3898-4723-b233-d477e613ca53.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0bdafea178344ab1276f6d7dca757fb51a0e647fe9495604f2d79ee0aa874b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Mar 2018 18:39:03 GMT
server
nginx
etag
"5aa42647-4e3b"
content-type
image/jpeg
accept-ranges
bytes
content-length
20027
truncated
/ Frame 24F8
737 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe682ec94727343b2694d1dc2c42e96f14bb458e94b9a09e36e5ac647a5adeaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 24F8
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
f706c67c-55b8-487e-9e52-d4bb374d74e6.jpg
contextual.media.net/kimg/new/175x95/2/8/56/179/ Frame 24F8
17 KB
18 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/2/8/56/179/f706c67c-55b8-487e-9e52-d4bb374d74e6.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
785f463dd4c78c5ccc27bc7f52fed0771e156304fc365af71f7c862a43d3887f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 23 Mar 2018 08:27:54 GMT
server
nginx
etag
"5ab4ba8a-45be"
content-type
image/jpeg
accept-ranges
bytes
content-length
17854
5d293698-968c-4062-9258-8393662b410f.jpg
contextual.media.net/kimg/new/175x95/2/236/115/193/ Frame 24F8
18 KB
18 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/2/236/115/193/5d293698-968c-4062-9258-8393662b410f.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
470256561b11f2f94ffbb4fa1cfe1c61d26b75a77b7e6ba821c3b9b7ca734cbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 20 Mar 2018 21:44:06 GMT
server
nginx
etag
"5ab180a6-4841"
content-type
image/jpeg
accept-ranges
bytes
content-length
18497
80679d75-f925-40d3-8d43-993e79e5e2aa.jpg
contextual.media.net/kimg/new/175x95/3/147/19/91/ Frame 24F8
14 KB
14 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/3/147/19/91/80679d75-f925-40d3-8d43-993e79e5e2aa.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f68d9d96407bac629b7eb6400f731b6cbd78b7f1f6ebd30401a4b192ad5b5888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 22 Mar 2018 06:44:21 GMT
server
nginx
etag
"5ab350c5-36d5"
content-type
image/jpeg
accept-ranges
bytes
content-length
14037
0d68a3b2-cfb7-4b14-924c-18515e3b17c5.jpg
contextual.media.net/kimg/new/175x95/2/170/139/127/ Frame 24F8
20 KB
20 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/2/170/139/127/0d68a3b2-cfb7-4b14-924c-18515e3b17c5.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ca8ec16c88c5a912a302e62342a110190faa6db02d7cf8ebc7f57df4f04f4cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 18 Dec 2018 03:02:01 GMT
server
nginx
etag
"5c186329-4fb3"
content-type
image/jpeg
accept-ranges
bytes
content-length
20403
1eb5e443-315f-4f60-acbf-1a1f033ce8c4.jpg
contextual.media.net/kimg/new/175x95/2/123/252/255/ Frame 24F8
15 KB
15 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/2/123/252/255/1eb5e443-315f-4f60-acbf-1a1f033ce8c4.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7bfe22e1bd22442f9cf78787ebb8ad5a2dde102220d2c5c748174f13242ceb8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 20 Mar 2018 20:20:00 GMT
server
nginx
etag
"5ab16cf0-3b71"
content-type
image/jpeg
accept-ranges
bytes
content-length
15217
f9584462-aabd-4e00-83e1-a1fc53cef160.jpg
contextual.media.net/kimg/new/175x95/3/72/110/35/ Frame 24F8
16 KB
16 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/3/72/110/35/f9584462-aabd-4e00-83e1-a1fc53cef160.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f05c87aa74e6c946e0a3f05d46132f25ab4fd5915f43352e6b5ff68ea9871e12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 11 Apr 2018 11:46:34 GMT
server
nginx
etag
"5acdf59a-414a"
content-type
image/jpeg
accept-ranges
bytes
content-length
16714
8553ce60-4a67-4f78-8b95-c733655f93e5.jpg
contextual.media.net/kimg/new/175x95/3/135/172/2/ Frame 24F8
17 KB
17 KB
Image
General
Full URL
https://contextual.media.net/kimg/new/175x95/3/135/172/2/8553ce60-4a67-4f78-8b95-c733655f93e5.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5664843a0609c7be6240d7afbdcb524adc45f511e1c6ecc610af53c6402f0861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 10 Apr 2018 11:13:57 GMT
server
nginx
etag
"5acc9c75-4348"
content-type
image/jpeg
accept-ranges
bytes
content-length
17224
truncated
/ Frame 24F8
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
RobotoCondensed-Regular.woff
contextual.media.net/__media__/fonts/RobotoCondensed-Regular/ Frame 24F8
93 KB
94 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/RobotoCondensed-Regular/RobotoCondensed-Regular.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
191c6017f0a38a7f70b48f2f757cca7aedfd76aebb483cba194a215e4013f53f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
95604
expires
Fri, 12 May 2023 20:06:28 GMT
bulk
trc.taboola.com/ultrasurf-ultrasurf/log/3/
0
266 B
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
36
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish
x-served-by
cache-fra-etou8220034-FRA
server
nginx
x-timer
S1683835589.726570,VS0,VE36
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 133B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsZ_IkM1H-M1U2d25G0tr7Y6i33yfqUtz9-r6Lp-LoBFtxElRsyCE8XESLHAuQLzdSPAHMzl7M1L2PZNSUVZazlA1SkvwKedeV1RVL7zjbyRh9i2QxP1EMql5e7A0gUya4OIcTmPfNAYtxM7AsMj44FhhRsv4tUzgZH_O0nLdzt017-rE1BuOMh0vdtaoZdMGgvlsCm1_kFkJLGz8NlUU3KiZUlO4J3E4eGMlxRUE_mhuR80YH6gUmo44b_38awEXGRqhGcGu1ZbzR30RbRRQSz9aT3SGCwRRULZNACw1y7jDtelC_0SaJw3uvKB68QegIUUozF6IBEwLtBtR4G7VxKNpCQusfng&sai=AMfl-YQJnO_mzl2L-pKuUO7i7E0pKc5RM1poUzKEs1nHTbJlER0CT_Nv_kt33XiNmPXoBcaUKh6LgPy2lN09nG5pUPk7UcafjYhRTHo-0pedMKcU1DIUK-ZqdkBDy94j7fwWgWVtYlLxzVKVNHLO2Ek&sig=Cg0ArKJSzCm0ff6Xl4CrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:06:28 GMT
truncated
/ Frame 133B
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4aa2608b034a7a5c7316cb9c49cf8a0e4792e76cdee220c8671b0fb0a855a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
iframe
pixel.mathtag.com/sync/ Frame AADB
3 KB
1 KB
Document
General
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x30 config_version:"unknown" /
Resource Hash
dadfc1ce7ded1002b30665dcd11e2ee8e140951107c4aa3da18af2c830d547f6

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
963
Content-Type
text/html
Date
Thu, 11 May 2023 20:06:28 GMT
Expires
Thu, 11 May 2023 20:06:27 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x30 config_version:"unknown"
Vary
Accept-Encoding
178901950__djrnRRig.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
36 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/178901950__djrnRRig.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d8a373447aeea8fca14633f25e8c238ad3066a602341e80133d07e2160df825

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/178901950__djrnRRig.jpg
age
207547
edge-cache-tag
459859920357593644574746681135016834503,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
459859920357593644574746681135016834503,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
831
req-referer
https://www.techradar.com/
content-length
37276
x-request-id
9221ba524ac8e517abe7b32a2b72c2b6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000066-IAD, cache-iad-kjyo7100107-IAD, cache-chi-klot8100157-CHI, cache-iad-kjyo7100105-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 09 May 2023 09:04:54 GMT
server
nginx
x-timer
S1683835589.796856,VS0,VE0
etag
"8c0a6139f74eb4942c89f48e5817ecea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
c03c96c9b4de3555895fe3049b59e568.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1cc6f0e0f1e062b75078a577b806993504667e29f02a185b2ba377033e42e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
age
1325109
edge-cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sun, 21 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tennisnet.com/
content-length
21702
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kcgs7200115-IAD, cache-chi-klot8100031-CHI, cache-iad-kjyo7100029-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 20 Apr 2023 10:20:52 GMT
server
nginx
x-timer
S1683835589.796379,VS0,VE0
etag
"a5023ce1e0c6904084ddb4bbd995d09e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 3
9739321093be53fb62c34e20e00a836a.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_483,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_483,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9739321093be53fb62c34e20e00a836a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
004ca736c3ee3301e2b75dfb408c1627d69caaad8da15eeabc1f0ba580721634

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_483,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9739321093be53fb62c34e20e00a836a.jpg
age
4103820
edge-cache-tag
564503101216223817324981384865754661483,530826444479953630890946424697652514818,29ecf9b93bbf306179626feeda1fab70
cache-tag
564503101216223817324981384865754661483,530826444479953630890946424697652514818,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Sat, 25 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dl.gmx.at/
content-length
12478
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200059-IAD, cache-iad-kiad7000072-IAD, cache-lax10653-LGB, cache-iad-kjyo7100050-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 22 Feb 2023 15:03:32 GMT
server
nginx
x-timer
S1683835589.796308,VS0,VE0
etag
"f7df07f71a3dd60b395721a54c89fd20"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 8, 213
2678ad001273347bb939cd303501bc2d.jpg
images.taboola.com/taboola/image/fetch/h_370,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
28 KB
29 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_370,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2678ad001273347bb939cd303501bc2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d762c37b9e079635ca58a2f7c60afdc69d2a2e0cdc6e8ecbd2a8f4603c3106c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_370,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2678ad001273347bb939cd303501bc2d.jpg
age
1981277
edge-cache-tag
358075831811606740645932094977402904605,381718640323075955927743876679820587102,29ecf9b93bbf306179626feeda1fab70
cache-tag
358075831811606740645932094977402904605,381718640323075955927743876679820587102,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
160
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://alltagtipps.de/
content-length
28470
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100101-IAD, cache-chi-klot8100105-CHI, cache-iad-kcgs7200090-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 03 Apr 2023 19:00:29 GMT
server
nginx
x-timer
S1683835589.797195,VS0,VE1
etag
"64c321219c11b14413eb3321f23c30b5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
678ac156a0c4bc53a581aaf7880a0769.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
23 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/678ac156a0c4bc53a581aaf7880a0769.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
771bba050129df22172e67580938d066a198477596d46d63a71e9676dc02c20c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/678ac156a0c4bc53a581aaf7880a0769.jpeg
age
2716005
edge-cache-tag
476774326134776990812828568231667190765,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
476774326134776990812828568231667190765,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
332
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hibridosyelectricos.com/
content-length
23260
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200069-IAD, cache-lax10673-LGB, cache-iad-kiad7000102-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 14:30:24 GMT
server
nginx
x-timer
S1683835589.797359,VS0,VE0
etag
"05ce08fa4dd99bc32f672c969c8dcc3c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 57, 76
935ceaef813d3b4ec01293d109f9a332.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52a4f34420169a3ec8c0c1642bec820bbd9ec51e48cd99f2ef31cee93434cce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/935ceaef813d3b4ec01293d109f9a332.png
age
555596
edge-cache-tag
358050488703395774759004428204568023971,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
358050488703395774759004428204568023971,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sat, 06 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ads.taboola.com/
content-length
14180
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200086-IAD, cache-iad-kiad7000121-IAD, cache-lga21976-LGA, cache-iad-kjyo7100101-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 05 Apr 2023 14:55:19 GMT
server
nginx
x-timer
S1683835589.798232,VS0,VE0
etag
"50f4608d6c8b5b80ef20c3cb6be3b9f7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 4
3487eb5d6b2f788de857bcd7a3709ffe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3487eb5d6b2f788de857bcd7a3709ffe.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
494bc7f2d9b90bb182b8fde93828217bcfe18ebc305a4568ef309fb5e757b40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3487eb5d6b2f788de857bcd7a3709ffe.jpg
age
2745550
edge-cache-tag
319015843359964104228869697899958667140,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
319015843359964104228869697899958667140,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
287
expiration
expiry-date="Mon, 01 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.senenews.com/actualites/sport/cristiano-ronaldo-attaque-par-un-grand-club-on-lui-a-offert-le-meme-salaire-que_430853.html
content-length
26620
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kiad7000104-IAD, cache-lax10660-LGB, cache-iad-kcgs7200156-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 31 Mar 2023 12:32:13 GMT
server
nginx
x-timer
S1683835589.822809,VS0,VE0
etag
"641d02df59bdf5cba56107546393fec9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3, 2
49e30cfb47e21c67f25095d2d7f086a6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d44617f819447bc776ee6c1926dbc6072a3fe4dcd9922ab574a384b965bfcd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
age
3740998
edge-cache-tag
594755705797379670550579562063071952825,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
594755705797379670550579562063071952825,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Thu, 30 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espncricinfo.com/
content-length
9268
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000172-IAD, cache-iad-kjyo7100134-IAD, cache-lax10660-LGB, cache-iad-kcgs7200156-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Feb 2023 10:47:10 GMT
server
nginx
x-timer
S1683835589.822809,VS0,VE0
etag
"306a97bc3390c7a2390c9d8c61c6637f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 43, 207
783a05771ea6479a7fae4ef9df57699d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/783a05771ea6479a7fae4ef9df57699d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6838e5de3147954f1965da7f593823094ff2c7f6afbf202ffdb4e01f7a893114

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/783a05771ea6479a7fae4ef9df57699d.png
age
855535
edge-cache-tag
363292511191043269566515777885724567204,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
363292511191043269566515777885724567204,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
516
req-referer
https://www.nrj.fr/artistes/beyonce/actus/double-hit-beyonce-partez-la-voir-en-concert-a-londres-71359322
content-length
7590
x-request-id
10df2913b9a883db6b843d290ac43ccd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200027-IAD, cache-iad-kcgs7200177-IAD, cache-lax10681-LGB, cache-iad-kcgs7200095-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 28 Apr 2023 08:39:56 GMT
server
nginx
x-timer
S1683835589.822748,VS0,VE0
etag
"d922a7218a7633d0931b982703d53009"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 116, 2
225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac620699086f9dd7de888f4c53c52d64a623ae218b2b739ae8d6373e9baf3beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age
2635154
edge-cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gamesradar.com/
content-length
25422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100048-IAD, cache-lga21934-LGA, cache-iad-kjyo7100153-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Mar 2023 10:19:03 GMT
server
nginx
x-timer
S1683835589.822877,VS0,VE0
etag
"ffbb4f2f516348d2d91eea4af6797e09"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4400, 724
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/
0
283 B
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish
x-served-by
cache-fra-etou8220034-FRA
server
nginx
x-timer
S1683835589.799342,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
e075fc1ecde96ccdfe10363f4e1f843b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
71 KB
72 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e075fc1ecde96ccdfe10363f4e1f843b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0387f488f47ed0dae7a1f8113f1c29a4a0b8d7fc9c3f7e0a05e2db37958d35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e075fc1ecde96ccdfe10363f4e1f843b.jpg
age
3639967
edge-cache-tag
349620705187353783355226756617603640198,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
349620705187353783355226756617603640198,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
883
expiration
expiry-date="Fri, 28 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
72786
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000107-IAD, cache-lax10633-LGB, cache-iad-kiad7000091-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 28 Mar 2023 10:10:40 GMT
server
nginx
x-timer
S1683835589.826497,VS0,VE0
etag
"2f9ce7bbf334a0198fa825eb7cec4978"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 1, 2
d9f23c974764386b8d7fbc5f9c27f921.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
33 KB
34 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9f23c974764386b8d7fbc5f9c27f921.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eba852d9dbbd20a129bfae63c4aa112651632a0a2ee01cbf744e585fa750d4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9f23c974764386b8d7fbc5f9c27f921.jpg
age
2535825
edge-cache-tag
419231460865704140121274254858642222992,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
419231460865704140121274254858642222992,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
207
expiration
expiry-date="Sat, 22 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://happy-woman.com/
content-length
34010
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200074-IAD, cache-iad-kiad7000111-IAD, cache-lax10671-LGB, cache-iad-kiad7000168-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 22 Mar 2023 14:11:10 GMT
server
nginx
x-timer
S1683835589.826946,VS0,VE0
etag
"15630ea60cd3986f0538e31e20a88fe3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 1, 1, 2
0855833024cb57c9aaaba8fee6d002b8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
64 KB
65 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0855833024cb57c9aaaba8fee6d002b8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e00fe3d80ba887dcaa091251436843bf2c5fe25b4361815cbee64815e7af709

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0855833024cb57c9aaaba8fee6d002b8.jpg
age
3676964
edge-cache-tag
321355917486291476183313421562230588421,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
321355917486291476183313421562230588421,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Thu, 30 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
65934
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100135-IAD, cache-iad-kjyo7100064-IAD, cache-lga21969-LGA, cache-iad-kjyo7100108-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 27 Feb 2023 15:20:33 GMT
server
nginx
x-timer
S1683835589.848502,VS0,VE0
etag
"3e018f420321fa91839b6549db502900"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 29, 494
02e1f35f229c20c7efb914ba2427ca2d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
37 KB
38 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e1f35f229c20c7efb914ba2427ca2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b89ed6cd00243f6c9336f2f8ba82c77898b2d03be6e4cc4fa7a8895765ce6aec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:06:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e1f35f229c20c7efb914ba2427ca2d.jpg
age
2932497
edge-cache-tag
309453021649531492516229725898506815544,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
309453021649531492516229725898506815544,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
527
req-referer
https://www.motorbiscuit.com/
content-length
38172
x-request-id
f2095a20af955ce8aec4644ed0a211bf
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kiad7000158-IAD, cache-lax10673-LGB, cache-iad-kcgs7200038-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 07 Apr 2023 16:03:43 GMT
server
nginx
x-timer
S1683835589.848518,VS0,VE0
etag
"0d73f169c6178ea2cff3d6fbdd6c2924"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 150, 2
vevent
ams3-ib.adnxs.com/ Frame 133B
0
955 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QK5BOg5AgAAAwDWAAUBCMOV9aIGEO7xr-Sc0L2EVxgAKjYJd76fGi_d1D8RZ7gBnx9G0D8ZAAAAoEfhyj8hZw0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvD9mAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMXoAMBqgNBEhg0OTg1OTYwNDIwODY5MDIyMzc1X3NiaWQaEzYyNzE1MzM1MTg0NTYzNTUwNTQiCTQyNDc4NTUzNCoFTTExNzPAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBP4hHViIBQGYBQCgBafFuLDgkuyYRcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBaBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQI2gcGAVxwGADgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=c9fd300543e3862681fd622a44b595e62bd79f6c&type=nv&nvt=5&jm=1003&px=345&py=487&bw=120&bh=600&sid=3156532161339679560&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587520&sw=1600&sh=1200&pw=1600&ph=6414&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:28 GMT
AN-X-Request-Uuid
f7d74057-41a6-4c7c-87dc-a1d03cd67417
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
1 KB
Image
General
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date
Thu, 11 May 2023 20:06:28 GMT
Via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
Age
20416
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
X-Served-By
cache-fra-eddf8230078-FRA
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1683835589.823251,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type
image/png
abp
27
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
8125
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305080101&jk=1290437441629794&bg=!wcKlwpbNAAYldGN0BXQ7ADkAdvg8WjKPzt9k_aajgWfq2dOOgMQDHZuNsaVYHeMDJ2d_CIgJbJnE2WG9sjoEVMSDnUim3Y4g4gICAAAAXFIAAAACaAEHCgCKjMFW-7S83hfoEXltESUqseOsbtdG8iPB-H1m8ykK9NMUdA-AF4BekpubNBZys9zDnshfyl4sFaDCDy5lRgWuHwO4aaPyNrZjmPJ8JkXV65ZPcowjhjRgeVzl_tMDqa_g-w0zGSv0nln-eVJGSf0RullUSswUlfOehaQ-ulPS-8nj-Ckj-Xo-B5bimQKXMyfduecEksENXsmlowzrm5x-GExMp3OiO_LVErSVz8uSVEt33JFVwAf5D5QBw6_ZKqVwNuc-ylPOCPd8Z4REJqYATc_K0b6F4hLUlUTUZPE-oe4RfW_PeoGa5VmwhOuvwmUyLz7C3e5DxqgTx5dkMlUTMChwuDedZln8B-IKDxnjrQ92bizzAjhPCmWsx21wXwwoqvE_JZSJ6L1zpJ2qDi1YgjD1Pm0l9nhPKDdpsnyyB2P36evT5pOBUirpkz_BjfWzGD7WJSh1wWfS6IymCHyWPqebJZNaV45mnZyTNcL0zH6bs0F_KKgk3ZWabUYo-pbp-cqFwRKxMYa135QWzat1An9AXavpEWVPx11NIBPkDR6he6-cEW4GGucSrCb8UWpRIMjYGIDlO9fnAK7BGu87iS0dZ-n1VfyHcd5A6rUvlLKiHxaylw9LZGClzfAAbe9Xk8FTkHaoOZLNvuCaHvpu2KihXfkaOUBPuKON-lOA3bAqrDzsckXbcgWSX3DKgfvUepdfQxaauLncHJYFjhPbn9IJlKDPJeW22QMgt1wHsQzBRTnRRkZO1asUlL6t4257EL5XuEcYifYyAGql1oJ69dXYWgi-Pqij8ZHBksoILLcqC1arvc-CxRWFrAf8Tke9HSKrWjhWgpG73JSL5psY1cx1LgQTFVJf3tc_q7nTV1Uyi80zjOVbOMCDJqR5Ln_hpOwrNA8eAKZjekTY7QXdkrSsWdzGFvsDl8O_TPk5fwnxQqdEsb3KLynj3QzIAfrtX53hv0849__a_SActN7kADioWL5FAmVqTxBHFDVSt7B8A8hxjdrx6Xk3zR7kmgBKLHfj5rWXYhPOzp9_BPGR4rfBzml1KTUVZ4GUC-1sWvlTbc3I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

img
pixel.mathtag.com/comp/
0
492 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x26 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x26 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:06:27 GMT
truncated
/ Frame 39FA
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 39FA
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 39FA
24 KB
24 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588872392107&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&perf=1&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588872392107&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&perf=1&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 12 May 2023 20:06:28 GMT
bql.php
lg3.media.net/ Frame 24F8
15 B
169 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=7352&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380Se3bM-NTLyf8Wszfe1u8F3TnG_YcxtUATlfOCBF1D5KKC0tB_uYCnwbcTt2KiYmqOG-IbPiZAa9FhzhljUAuBFGRbHMWJ4GqZVs3AnuHEY8%3D&cme=YGyN5t9ZJ-457x0x81-vvGqUUKp7khjkiP4ssRqLU0vtsjzWPDiE7LmUwrP_Ohj16jH0KvEo4A1XSKZPhsj5DqP7zFKCAzbfCirfv66X4UJDGx0oQ9az0pWWWcyagPMxvCCVFjT_7VjrUN7AB_-wetZ8HK1HxNnC_cQ9uB-J7BjPu0ZrRxEDS_RAbhHUv-MmHS0ryB2baG3Oefxcq08n1QsQm6zZHk1o80x--PLrfVL5OWMsDM-zgw%3D%3D%7C%7COSKwXugw14AYALsXTS9gM0hxtv36OLrBxUKMpV0JHZhjEU9rMyvWERgiUGknoPfbm1At2uy1zin4j8V4OAO87pPholNk-6qEHjC7L0oa9piUXhHK-sNIAsslT-lxNFIMw4jY3mUs1GQ_aQh-V88L2w7iU-GHQUkA5-C_uGAYQSwC-2YmChpA91cIQZXSqA6TED02AZhCbnQqWHMQb69uyD6FfieQs8YqAOoEFZVp4d5NaFwkzbidsg7-3wTKlMKuR9dU4IsW_T5Eu0hvtF5nyA%3D%3D%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=10+beste+E-Bikes+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=350632923&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1378%7C24%3D72%7C25%3D0%7C22%3D0.0214%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0545%7C14%3D051108%7C15%3D0%7C1%3D0.38%7Cr%3D2%7C62%3D0.29%7C12%3D0.39%7C2%3D1.22%7Cir%3D1%7Ciid%3D1380464%7Cps%3D0.378%7C3%3D0.13%7C4%3D4.00&ktd[]=276505493760&ktrkt[]=10+beste+E-Bikes+im+Test&kwd[]=Die+besten+E-Bike+Angebote&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=330266456&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0666%7C24%3D68%7C25%3D0%7C22%3D0.0221%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0527%7C14%3D051108%7C15%3D0%7C1%3D0.39%7Cr%3D4%7C62%3D0.45%7C12%3D0.35%7C2%3D1.03%7Cir%3D1%7Ciid%3D1391210%7Cps%3D0.378%7C3%3D0.11%7C4%3D3.29&ktd[]=275700187392&ktrkt[]=Die+besten+E-Bike+Angebote&kwd[]=Top+10+E-Bikes&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=326676038&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1195%7C24%3D55%7C25%3D0%7C22%3D0.0249%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0504%7C14%3D051108%7C15%3D0%7C1%3D0.33%7Cr%3D5%7C62%3D0.41%7C12%3D0.32%7C2%3D0.96%7Cir%3D2%7Ciid%3D3516129%7Cps%3D0.378%7C3%3D0.12%7C4%3D3.91&ktd[]=275700187392&ktrkt[]=Top+10+E-Bikes&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2271%7C24%3D94%7C25%3D0%7C22%3D0.0181%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0556%7C14%3D051108%7C15%3D0%7C1%3D0.24%7Cr%3D6%7C62%3D0.29%7C12%3D0.23%7C2%3D3.58%7Cir%3D1%7Ciid%3D1960981%7Cps%3D0.378%7C3%3D0.54%7C4%3D4.17&ktd[]=275700187392&ktrkt[]=Sparkonto+mit+5%25+Zinsen&kwd[]=E-Bikes+g%C3%BCnstig+kaufen&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=329660640&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0282%7C24%3D83%7C25%3D0%7C22%3D0.0196%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0509%7C14%3D051108%7C15%3D0%7C1%3D0.50%7Cr%3D8%7C62%3D0.70%7C12%3D0.40%7C2%3D1.74%7Cir%3D1%7Ciid%3D11343957%7Cps%3D0.378%7C3%3D0.22%7C4%3D3.29&ktd[]=275700187392&ktrkt[]=E-Bikes+g%C3%BCnstig+kaufen&kwd[]=Kredite+ohne+Bonit%C3%A4tspr%C3%BCfung&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=329465921&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0102%7C24%3D107%7C25%3D0%7C22%3D0.0167%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0508%7C14%3D051108%7C15%3D0%7C1%3D0.50%7Cr%3D9%7C62%3D0.70%7C12%3D0.40%7C2%3D1.74%7Cir%3D1%7Ciid%3D3636099%7Cps%3D0.378%7C3%3D0.49%7C4%3D1.58&ktd[]=275700187392&ktrkt[]=Kredite+ohne+Bonit%C3%A4tspr%C3%BCfung&kwd[]=Die+besten+Krankenversicherungen&kwt[]=391&kbc[]=1262271193&kwp[]=7&kid[]=329464743&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1131%7C24%3D2%7C25%3D0%7C22%3D0.0504%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0458%7C14%3D051108%7C15%3D0%7C1%3D0.63%7Cr%3D10%7C62%3D0.75%7C12%3D0.54%7C2%3D2.89%7Cir%3D1%7Ciid%3D2848587%7Cps%3D0.378%7C3%3D0.12%7C4%3D2.24&ktd[]=275700187392&ktrkt[]=Die+besten+Krankenversicherungen&kwd[]=Die+10+besten+Aktien&kwt[]=391&kbc[]=1262271193&kwp[]=8&kid[]=329506286&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1090%7C24%3D2%7C25%3D0%7C22%3D0.0504%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D1231%7C27%3D0%7C13%3D0.0742%7C14%3D051108%7C15%3D0%7C1%3D1.78%7Cr%3D11%7C62%3D1.17%7C12%3D1.95%7C2%3D5.72%7Cir%3D1%7Ciid%3D3870795%7Cps%3D0.378%7C3%3D0.39%7C4%3D4.00&ktd[]=275700187392&ktrkt[]=Die+10+besten+Aktien&v=1&gdpr=1&geo=50.97%7C11.03&dlper=20&lper=100&lpid=&tsid=18&hint=&cc=DE&wsip=170774755&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22JLkxL7%22%2C%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQQN%22%3A%22_q%22%7D&cid=8CU62MU8E&vi=1683835588794091889&vsid=DefVid&tdAdd[]=asnum%3D31103&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=erfurt&vgd_ifrmode=13&vgd_l1rakh=1683835588168634419&tsrc=entity&sttm=1683835588216&upk=1683835588.5494&hvsid=00001683835588216036481827849110&verid=3111299&sbdrId=99&vgd_ecrid=424785976&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D31103&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&vgd_cfud=230308&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683835588216036481827849110&rc=0&rand=1683835588670&acid=54290ea0d8a74da897af7acacc1b6edc&matm=1683835588671&vgd_ltimesrc=1&vgd_ltime=763&vgd_rtime=587&vgd_etm=11&vgd_l1hcsd=Sks67%7C3100&vgd_l1ch=1&vgd_lhl=1051&vgd_pgid=p1690801221t202305112006&vgd_csip=rtb-common-8549976cf7-9957k.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_sticky_rail_0__container__%7CDIV-2ec862b0-bd27-4402-af8c-77ca60269b1f&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588794091889&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=647316259&size=300x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO3E1OMK&tpid=TMC6MB5&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:06:28 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:06:28 GMT
bql.php
lg3.media.net/ Frame 39FA
15 B
169 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=7437&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380lhSFw34ykwgOn3UY-RakmmNFd0zpi1UnyqxhMcSp8OOW6Be5Lice6EmVjZlDIuxq8oM404vdEcK7DJWQnvIMKyEUEn3ht4HJI-VUx293K_0%3D&cme=zRRV-Rg_FlxvIEtq7_6YcKWJVQM5abQX0C0G2IMNa5gNj3LhIodqTkO8qgvX35jhKrN5ddqm8BsmGweBkudgvhUf1dd44NR2WwnpJNDeZH7TofX23eNkZy9mRbii_NGrpIC42x-ISJZ6rUt7cyIGGGUMJmCa9oL1fCxCk-fA_uBE_MOxBIz8yzPXa9huHu3Y5TUddHZhfjvb1Qeb0mUvLeAo0-78HC7QSIkY4BxNg0A%3D%7C%7CynOXz_8dq9-WGu9pDL--2Da2VivfjJpF1H3oZ8XjPDX1aoRIs27hEQIeT5SkSdrrWxEMVZbv4B17ZZuBOMr4z7j6F2QqtZUALy-VrPaA48DG-yLv1mXHYwr2lbJvYRv_0DZJxqb6IhfF2ehJU4NguvnEnfKm1x1L6yFeYPz8O5MZBNODohYbq6O75jReG2HSbFVNjghMylxjpi0OYx-G0kfCbEqvYNb8OD98Fx_6UvfaQp1lHtg_h3Zyv3TupZd848P0IjrMHz8%3D%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=10+beste+E-Bikes+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=350632923&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1401%7C24%3D70%7C25%3D0%7C22%3D0.0218%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0549%7C14%3D051108%7C15%3D0%7C1%3D0.38%7Cr%3D2%7C60%3D0.27%7C10%3D1.79%7C63%3D0.10%7C62%3D0.29%7C12%3D0.39%7C2%3D1.22%7Cps%3D0.378%7C3%3D0.13%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=10+beste+E-Bikes+im+Test&kwd[]=Die+besten+E-Bike+Angebote&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=330266456&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0677%7C24%3D66%7C25%3D0%7C22%3D0.0225%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0508%7C14%3D051108%7C15%3D0%7C1%3D0.40%7Cr%3D4%7C60%3D0.52%7C10%3D1.79%7C63%3D0.10%7C62%3D0.45%7C12%3D0.35%7C2%3D1.06%7Cps%3D0.378%7C3%3D0.11%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=Die+besten+E-Bike+Angebote&kwd[]=Top+10+E-Bikes&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=326676038&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1218%7C24%3D53%7C25%3D0%7C22%3D0.0253%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0494%7C14%3D051108%7C15%3D0%7C1%3D0.33%7Cr%3D5%7C60%3D0.35%7C10%3D1.79%7C63%3D0.10%7C62%3D0.41%7C12%3D0.32%7C2%3D0.96%7Cps%3D0.378%7C3%3D0.12%7C4%3D3.91&ktd[]=274894749952&ktrkt[]=Top+10+E-Bikes&kwd[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=350438700&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0577%7C24%3D97%7C25%3D0%7C22%3D0.0178%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0472%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D7%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.26%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwd[]=Private+Krankenversicherung+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=329492667&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1153%7C24%3D65%7C25%3D0%7C22%3D0.0226%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0420%7C14%3D051108%7C15%3D0%7C1%3D0.65%7Cr%3D14%7C60%3D0.36%7C10%3D1.79%7C63%3D0.10%7C62%3D0.75%7C12%3D0.54%7C2%3D3.08%7Cps%3D0.378%7C3%3D0.81%7C4%3D1.75&ktd[]=274894749952&ktrkt[]=Private+Krankenversicherung+im+Test&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2287%7C24%3D93%7C25%3D0%7C22%3D0.0183%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0535%7C14%3D051108%7C15%3D0%7C1%3D0.29%7Cr%3D6%7C60%3D0.52%7C10%3D1.79%7C63%3D0.10%7C62%3D0.29%7C12%3D0.23%7C2%3D3.36%7Cps%3D0.378%7C3%3D0.54%7C4%3D4.17&ktd[]=274894749952&ktrkt[]=Sparkonto+mit+5%25+Zinsen&kwd[]=E-Bikes+g%C3%BCnstig+kaufen&kwt[]=391&kbc[]=1262271193&kwp[]=7&kid[]=329660640&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0284%7C24%3D82%7C25%3D0%7C22%3D0.0197%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0443%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D8%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.22%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=E-Bikes+g%C3%BCnstig+kaufen&kwd[]=Kredite+f%C3%BCr+Rentner&kwt[]=391&kbc[]=1262271193&kwp[]=8&kid[]=329517997&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0578%7C24%3D2%7C25%3D0%7C22%3D0.0504%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0437%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D12%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.26%7C4%3D2.03&ktd[]=274894749952&ktrkt[]=Kredite+f%C3%BCr+Rentner&v=1&gdpr=1&geo=50.97%7C11.03&dlper=20&lper=100&lpid=&tsid=3&hint=&cc=DE&wsip=170774755&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22JLkxL7%22%2C%22QQ8E%22%3A%22fuh.uuH.fuW.9%22%2C%22QQQN%22%3A%22_q%22%7D&cid=8CU62MU8E&vi=1683835588872392107&vsid=DefVid&tdAdd[]=asnum%3D31103&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=41000c80a&vgd_nrrsf=scrr&vgd_cty=erfurt&vgd_ifrmode=13&vgd_l1rakh=1683835588167570853&tsrc=entity&sttm=1683835588450&upk=1683835588.2298&hvsid=00001683835588450036481827848647&verid=3111299&sbdrId=99&vgd_ecrid=424785534&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D31103&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&vgd_cfud=230306&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=120_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A120%3Brend_h%3A600&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683835588450036481827848647&rc=0&rand=1683835588832&acid=f9f6cbbe3b5a4dd4a287003bdc1659b6&matm=1683835588832&vgd_ltimesrc=1&vgd_ltime=680&vgd_rtime=641&vgd_etm=9&vgd_l1hcsd=Sks67%7C3100&vgd_l1ch=1&vgd_lhl=1056&vgd_pgid=p1690801221t202305112006&vgd_csip=rtb-common-8549976cf7-jp9lv.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_left_sticky_rail_0__container__%7CDIV-e1919e8e-fd4d-40af-ba5a-615d0f01470a&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683835588872392107&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&perf=1&ydspr=1&pgid=p1690801221t202305112006&essld=fuh.uuH.fuW.9~r4~_q~JLkxL7&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:06:28 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:06:28 GMT
img
pixel.mathtag.com/misc/ Frame AADB
43 B
528 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=469709&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 May 2023 20:06:27 GMT
content_v3.js
vidstat.taboola.com/
16 KB
6 KB
Script
General
Full URL
http://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
4012130
X-Cache
Hit from cloudfront, HIT
Connection
keep-alive
Content-Length
4839
X-Served-By
cache-fra-eddf8230033-FRA
Last-Modified
Wed, 20 Jul 2022 13:23:50 GMT
Server
AmazonS3
X-Timer
S1683835589.961739,VS0,VE0
ETag
"f7533e747bb02a8eb527ada4f2749620"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
X-Cache-Hits
54091
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/
436 KB
102 KB
Script
General
Full URL
http://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683622864
Date
Thu, 11 May 2023 20:06:28 GMT
Via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
212679
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1683622864
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
103956
X-Served-By
cache-fra-eddf8230033-FRA
Last-Modified
Tue, 09 May 2023 09:01:05 GMT
Server
AmazonS3
X-Timer
S1683835589.983889,VS0,VE0
ETag
"3277393b352241263c34b3d6dff9248e"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
KSlDPb9LS5gv2Dj-l8mnog6rrNL660JLsWnJ-1zwaBtlJYbVZMsTnA==
X-Cache-Hits
31000
sync
am-match.taboola.com/ Frame 9E0A
422 B
507 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
44fdf8e86ebc1532b362f264d1100c76103ff724160b49d9efa0e1b4d81b2828

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 11 May 2023 20:06:28 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/
0
112 B
Image
General
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&cmcv=&pix=31579697&cb=1683835588967&uv=3275&tms=1683835588967&su=3&abt=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
/
www.youronlinechoices.com/wp-content/plugins/optout/callback/
0
0
Image
General
Full URL
https://www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=0nwNZM7aIqn6ZNXauFIyeIL7BMA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.85.112.191 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

log
lg3.media.net/ Frame 133B
35 B
185 B
Image
General
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CU62MU8E&vi=1683835588872392107&hvsid=00001683835588450036481827848647&cdv=950&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=207&l2s_downloadTime=9&l2s_total=216&l2s_start=401&l2s_sslTime=0&l2s_trfSize=27.2&l2s_decSize=76.0&l2s_encSize=27.0&l2s_nhp=h2&l1s_dnsTime=15&l1s_connectionTime=42&l1s_waitTime=193&l1s_downloadTime=32&l1s_total=226&l1s_start=11&l1s_sslTime=24&l1s_trfSize=46.0&l1s_decSize=127.4&l1s_encSize=45.7&l1s_nhp=h2&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:28 GMT
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:28 GMT
img
pixel.mathtag.com/comp/ Frame AADB
0
492 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x12 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:29 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x12 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:06:28 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
90 KB
Media
General
Full URL
http://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
Date
Thu, 11 May 2023 20:06:29 GMT
Via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
X-Amz-Cf-Pop
FRA60-P1
Age
3871943
X-Cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
90784
X-Served-By
cache-fra-eddf8230087-FRA
Last-Modified
Sun, 02 Jul 2017 20:40:57 GMT
Server
AmazonS3
X-Timer
S1683835589.050360,VS0,VE0
ETag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
X-Cache-Hits
1346039
generic
match.adsrvr.org/track/cmf/ Frame 9E0A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9E0A
0
531 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:5e70:3935:160a:9425 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
sync
x.bidswitch.net/ Frame 9E0A
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.1.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-1-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:06:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
log
hblg.media.net/ Frame 02AA
35 B
200 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARANTQyOTBlYTBkOGE3NGRhODk3YWY3YWNhY2MxYjZlZGPUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MTgOMzAweDYwMApldV9iZQQyMxBBUFBORVhVUxI4UFIxMTNKR0MGNDYyABAyNzU4NzUxOAIwPHJ0Yi1jb21tb24tODU0OTk3NmNmNy05OTU3ay5CRRI0MjQ3ODU5NzYCMAAgARBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.244.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 02AA
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBkT4PZAahs_iQZbrNiVcrjJDW2CmqRofEoujorF_R5n8IIboIzs4dftxTqkhebuwzyPGUJsMYEOREFE6BXzOr1xP7Al9iyPJiCN01stC7aqKlHeqF&sig=Cg0ArKJSzOeVtGlcboEvEAE&id=lidar2&mcvt=1000&p=487,975,1091,1275&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=3165786696&rs=4&la=0&cr=0&vs=4&r=v&rst=1683835588086&rpt=259&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/
0
287 B
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
via
1.1 varnish
x-served-by
cache-fra-etou8220034-FRA
server
nginx
x-timer
S1683835590.551807,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:06:29 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1612
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1683835590.575178,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
72
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7553484
vevent
ams3-ib.adnxs.com/ Frame 02AA
0
955 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLoBPBMaAIAAAMA1gAFAQjDlfWiBhCP7cmnp4a2smQYodHDnt-roNMqKjYJ16NwPQrX6z8RZRniWBe35T8ZAAAAwPUozD8hZRniWBe35T8p16MJJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgULjwxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvD9mAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvb_W-oCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMTExNDU2MDAxNzQ0NTE2OTA4OV9zYmlkGhM3MjM0MTQ0NjEyNjg1ODcwNzM1Igk0MjQ3ODU5NzYqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjIzqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLghHfA-iAUBmAUAoAXBz7CF5M3tuw-qBSRmZTI3NjVhOC0zOGJjLTRhNjYtOWQzMS01MTQ5NTVhMjhmY2TABQDJBQAAAQIU8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWgQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0VYwEkCNoHBgFccBgA4AcA6gcCCADwB5H4AYoIAhAAlQgAAIA_mAgB&s=f583fd1cf1f86b054f1f355ecc14233d04185a72&type=pv&jm=1003&px=975&py=487&bw=300&bh=600&sf=1&sid=3156532161339679560&vd=ct~0|rr~5&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587518&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:29 GMT
AN-X-Request-Uuid
d7de9027-d9dc-4773-b1fe-c02982263e20
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
pips.taboola.com/
64 B
242 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2047a72677198fed393783b5f72fc9451b0304fec6beb4fa948c72347a89a0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-gig2250076-GIG
date
Thu, 11 May 2023 20:06:30 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
async_usersync
ib.adnxs.com/ Frame 5065
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:29 GMT
AN-X-Request-Uuid
fdc1ce89-c934-4d9b-bc27-8233690cd2af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
hblg.media.net/ Frame 133B
35 B
200 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAZjlmNmNiYmUzYjVhNGRkNGEyODcwMDNiZGMxNjU5YjbUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MjAOMTIweDYwMApldV9iZQQyMxBBUFBORVhVUxI4UFIxMTNKR0MGNDYyABAyNzU4NzUyMAIwPHJ0Yi1jb21tb24tODU0OTk3NmNmNy1qcDlsdi5CRRI0MjQ3ODU1MzQCMAAgARBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.244.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:06:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 133B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR88KSvqKCIk1APbXD-ZSMKydAG0IUGfcYsqWJVKVAK0JCLjGNQKIbwv8Cy0yhts6pfdp54qHqdSLoNPJ0GOCtGaBRRGzgn0jYCPPqSiY_G5uyB9NP&sig=Cg0ArKJSzBi2RgxjqupCEAE&id=lidar2&mcvt=1008&p=487,345,1091,465&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=1572973691&rs=4&la=0&cr=0&vs=4&r=v&rst=1683835588057&rpt=678&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8BE8
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOSgituYeOQaY7p33313Y_Pg91tWchCsfeHmi5hSSAmS6qogR1AufIRb_hRnLY17ER0Cjo8pOeZdTD7UqJIkxTvOFrHNdp8g0ku1t4JisTbTpzuu7fpufMaOS7CtMo1thmrb6E_Q&sai=AMfl-YSfSgdvGJJUNbva0Hq2we6XADJ7PNRt6XOjSzECkp_Oc9kJA4TTj4H8Gn0mLke9gDfZnNFjVPzerBGdykkrRl_RS7GlgM981Gd6jX_C2dWyjFWdCuXYupoKYZTombHikC1F4pRO1zvYTqou&sig=Cg0ArKJSzD1xeh7hgndYEAE&cid=CAQSSwBygQiD2drPgYFl1ICYdB8eNPuX2IkKLj19UNmBbdcs3y3c8GXKXLjR48nB1fqWcpRLfO38G3nKeeXmnrfkeWg6O-SazRnBZWh0UxgB&id=ampim&o=40,1076&d=1520,124&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=693&tls=1698&g=100&h=100&tt=1698&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 133B
0
955 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QK5BOg5AgAAAwDWAAUBCMOV9aIGEO7xr-Sc0L2EVxgAKjYJd76fGi_d1D8RZ7gBnx9G0D8ZAAAAoEfhyj8hZw0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvD9mAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMXoAMBqgNBEhg0OTg1OTYwNDIwODY5MDIyMzc1X3NiaWQaEzYyNzE1MzM1MTg0NTYzNTUwNTQiCTQyNDc4NTUzNCoFTTExNzPAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBP4hHViIBQGYBQCgBafFuLDgkuyYRcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBaBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQI2gcGAVxwGADgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=c9fd300543e3862681fd622a44b595e62bd79f6c&type=pv&jm=1003&px=345&py=487&bw=120&bh=600&sf=1&sid=3156532161339679560&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587520&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:06:29 GMT
AN-X-Request-Uuid
c3d43afc-de07-4f4c-b96e-82f5999fc92b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
tra.neodatagroup.com/ Frame AADB
1 B
2 KB
Image
General
Full URL
https://tra.neodatagroup.com/cm?sid=1&pv=MEDIAMATH&eid=2ef5645d-4ac4-4100-b3be-37228f90d265&rt=img&rnd=1092966682000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:06:29 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
img
pixel.mathtag.com/misc/ Frame AADB
43 B
528 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=973968&check=2ef5645d-4ac4-4100-b3be-37228f90d265&mop_top=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=2ef5645d-4ac4-4100-b3be-37228f90d265&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1092966682000&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:29 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 May 2023 20:06:28 GMT
bqi.php
lg3.media.net/ Frame 02AA
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=1944&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=300_600&vgd_ren_page_h=6414&vgde_bdata=~G-MjJzviAf~G8Ovu.AF9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvA99-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9W~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9W9~OYYMYuv9.fFF~OYYMYu9vu.999~OYYMYuuv9.ihA~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fWu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.AAu~JMLEYv9.fFF~JLEYv9.fFF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEvu.AF9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.AF9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vAX~OmyGvuof~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=647316259&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683835588794091889&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683835588210&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683835588168634419&l1ch=1&l1hcsd=l1!Sks67|3100&tsrc=entity&sttm=1683835588216&upk=1683835588.5494&hvsid=00001683835588216036481827849110&acid=54290ea0d8a74da897af7acacc1b6edc&verid=3111299&vgd_sc=HE&infr=1&stime=1683835588095&vgd_ecrid=424785976&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p1690801221t202305112006&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:06:29 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:06:29 GMT
bqi.php
lg3.media.net/ Frame 133B
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=1959&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=120_600&vgd_ren_page_h=6414&vgde_bdata=~G-MjJzviHF~G8Ov9.FW9~G-M1QzvAuu9A~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875v4DsPD_~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hF~OYYMYuv9.ffF~OYYMYu9vu.999~OYYMYuuv9.iF9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fAh~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXu.999~OYYMYAFvuXu.999~OYYMYAivuFh.999~OYYMYH9vuFh.999~OYYMYHAv9.hH9~OYYMYXvu.999~OYYMYXuvuXu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fii~JMLEYv9.ffF~JLEYv9.ffF~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8Evfuh.uuH.fuW.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FW9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=813823675&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683835588872392107&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683835588445&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683835588167570853&l1ch=1&l1hcsd=l1!Sks67|3100&tsrc=entity&sttm=1683835588450&upk=1683835588.2298&hvsid=00001683835588450036481827848647&acid=f9f6cbbe3b5a4dd4a287003bdc1659b6&verid=3111299&vgd_sc=HE&infr=1&stime=1683835588201&vgd_ecrid=424785534&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p1690801221t202305112006&vgd_pgids=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:06:30 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:06:30 GMT
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043&uad=7f4bda5663702c386616dd479496298ac3df87f9d20911b41098e0b9776765aa
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:06:30 GMT
cache-control
no-store
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
1 KB
1 KB
XHR
General
Full URL
http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683835591274&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1518&pt=-1389080532&tz=0&viewable=true&ddast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
415a1590f5db75cf293cdfab48d67378995c6b5b0f79247a3e5114cb7e5632b4

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

X-Cache-Hits
0
Date
Thu, 11 May 2023 20:06:31 GMT
Content-Encoding
gzip
Via
1.1 varnish
MachineId
1464
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-fra-eddf8230065-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1683835591.284954,VS0,VE280
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2037571623&i6=2001:1b60:2:240:3247::6&r=http%3A%2F%2Fultrasurfing.com%2F
Domain
c.amazon-adsystem.com
URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
am-wf.taboola.com
URL
http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683835594277&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1518&pt=-1389080532&tz=0&viewable=true&ddast=V8U40CLAashLxFsemovxBYCXmLYtNRfykAAABgYID-AEkuBsvVzLdcayymwVq0Gg7XytHIsdZYlhOPw-NybSYLIyDJxWC5mvmWa43FNFiLVsPhWjkaOdYay3LicXhcrs1kYQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzJDpo3xhGlviRR8FmEEAAAAIFtO--LIJJ2gYlHl__-_3wrAFQCAAEQGNoW0LLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEWrqiUsDtH2toOYXEABgzS8gAACbcQMA8EYATtAhaMVgsDoJNNhsJovZajg7AAAAAHf-____9YCYyTIbmQar2WRjcS42m41l5BhsbIvRyLVxTlYj74mwL3Vm0aSk6BMiLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-DMRiM0ATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGlquFY7dyrkW22cIt2u1mbonNNVhLhqvFamLZTBbLiVv0-pgurtnIMNpskWAAyl4kT4t0orKYTK7ZyGYyzZyDlc0w2S18C-dotvDsRsvlbDkRSzQni3Qiu-xrJstsZBqsZpONxbnYbDaWkWOwsS1GI9fGOVmN_IXlauHYrZxrkW22cIt2u5lbYnMN1pLharGaWDaTxXLiFr0-potrNjKMNvvGbLgZblar4W7fmA03w81qNdztO0ymZ-pzNoprOYlH5bQ6fz6DzWlQuAwW709iWky7s4Pp5Ds6dYZpsqgz-v1-v9_v9_v9fr9B6zmYDQrf31rdPX8zW7bvkh3EBoMilggu0onqbLo8PK_Lza06my4Pz-tys4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jB1ns5orFaC5ZDOeSzSoBAAAAAAAAAFiCaaabAAAAADgZyGax2KzW6SA2m9Fst1ouAIj4eV0AAAAAAAAAALvQi8LGrfRS7Yo19thEnU2Xh-d1ublVZ9Pl4XldblYGABHPzmyzzwhirVbLGgAAgAA2AACAAG668SbgvIr7____HwcAAEBGDj0AAAD6fUBV5cKPXCj2_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=dfrc_vA!esv_vB!nonrv_vA!nrlc_vA!ntvc_vA!smbs!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3

Verdicts & Comments Add Verdict or Comment

424 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| __cfQR function| gtag object| dataLayer object| _taboola string| bs_id_1716 boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data object| aawChunk object| aaw object| _pbjsGlobals object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| apstag function| docReady object| mnet object| liQ_instances object| TRC object| _tblConsole undefined| msg object| _comscore function| s_hsp function| pb_sdp number| mt_gdpr_on object| mt_gdpr_content boolean| pb_4 string| pb_9 number| mt_ext_stat number| mt_ext_stat_send boolean| mt_bid_cache boolean| mt_cmp_on number| mt_cmp_opt_lvl number| mt_dbstat_on number| mt_dbstat_cmp_only boolean| pb_l_result_found number| pb_8 number| pb_gv object| mt_temp_params number| mt_global_build_time object| mt_special_params object| mt_stopped_tags object| mt_google_slot_statuses object| pb_cl function| mt_get_container number| mt_start_loading_time function| pb_lg function| mt_add_temp_param function| pb_th function| mt_add_hb_history function| mt_add_google_history function| pb_ib function| mt_search_divs function| mt_search_div function| pb_f function| pb_f_sub function| pb_i function| mt_gtt function| mt_get_tag_by_id function| mt_get_tag_by_block function| mt_get_el_desc function| pb_l function| pb_sc function| pb_cp function| mt_get_geo function| mt_check_image function| intFromBytes function| bin2String function| pb_cb function| check_double_time_diap function| check_time_diap function| pb_rds function| pb_rdn function| pb_rde function| pb_ggr function| pb_ci function| pb_cg function| pb_cc function| slsc function| clsc function| glsc function| pb_glv function| pb_clo function| mt_check_block_mask_id function| mt_check_block_pattern function| mt_check_mask_pattern function| mt_undnone_elements function| pb_pi function| pb_v function| pb_xr function| mt_set_tag_leveling function| mt_get_day_of_week function| mt_put_wrapper function| mt_custom_replace function| mt_check_have_childs function| mt_use_teplate function| und function| mt_rp function| clear_id function| mt_check_ip function| mt_throttle_check function| lrm function| lgf function| chr function| adh function| mt_filter_script_repeat function| mt_filter_custom_triggers function| mt_filter_stop function| mt_filter_sizes function| mt_filter_iterations function| mt_filter_cmp function| mt_mlt_filter_template function| mt_mlt_filter_auto_placement function| mt_mlt_filter_multi_blocks function| pb_fsbl function| mt_bl_ex function| mt_ch_mltb number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| pb_h function| pb_rn function| mt_native_try_tag boolean| mt_window_focus_state function| pb_srl function| pb_a function| pb_pt function| mt_dt function| pb_s function| pb_spt function| mt_execute_passback function| pb_p function| disp function| pb_e number| mt_google_collector_activate_attempt function| mt_init_google_history function| s_g1 function| mt_receive_google_event function| mt_process_google_event function| mt_set_google_size function| s_g2 function| mt_check_google_ready function| mt_google_detect_activity function| mt_get_google_slot_by_id function| mt_clear_google_id function| mt_get_google_iframe_ad function| pb_st function| pb_ss function| pb_se object| cmp_list object| pb_lg_buffer function| mt_get_cookie function| mt_register_cmp_events function| check_cmp_timer boolean| mt_cmp_refresh_activated function| check_tcf_api function| mt_refresh_tags_cmp number| variable_1 object| didomiEventListeners object| mt_custom_triggers object| mt_custom_triggers_to_tags object| mt_custom_triggers_functions function| pb_pttg function| mt_process_triggers_array function| mt_process_triggers function| mt_process_trigger function| mt_process_filter function| mt_get_var_sub function| mt_check_google_ad_targeting function| mt_client_stat_add function| mt_add_client_stat function| mt_clear_client_stat function| mt_send_client_stat function| mt_client_stat_show function| mt_add_google_event_stat_click object| mt_client_click_iframe_stat_object function| mt_client_add_click_event function| mt_client_analyze function| mt_tag_have_deamon_leveling function| mt_client_deamon_leveling boolean| mt_blur_event_added function| mt_hbstat_process function| pb_so function| mt_add_dnone_stat function| mt_send_googletag_stat function| get_recursive_object function| mt_check_double_impression function| mt_send_double_impression_stat function| mt_start_double_impression_timer function| mt_add_google_send_stat_temp function| mt_add_google_send_stat function| mt_send_google_statistick function| mt_stat_get_connection_type function| mt_stat_get_os_type function| mt_stat_get_device_type function| mt_stat_get_browser_type function| pb_m function| pb_d object| mt_outdata object| mt_words_dict object| tag_templates function| mt_statistick_tick function| mt_add_ticker_statistick function| mt_send_ticker_statistick function| mt_set_timing function| mt_have_timing function| mt_round_timing boolean| p object| pb_t number| pb_5 object| _gcio boolean| element_in_viewport object| pb_10 object| _qevents number| year object| _exaudiadapex boolean| pcommonID object| COMSCORE object| ns_p boolean| apstagLOADED object| apscustom object| _aps object| lotame_sync_16576 function| ha function| GCIO object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| mt_throttle_timers function| quantserve function| __qc object| ezt object| _qoptions object| $jscomp object| _neodataTags function| _neoJsPiggybackHandler function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa undefined| google_measure_js_timing object| mt_google_history boolean| mt_google_collector_activated object| hadron boolean| __halo_loaded__ object| PublisherCommonId function| setImmediate function| clearImmediate object| ID5 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| mt_google_stack object| au string| nam object| placementData object| GoogleGcLKhOms object| cmTag object| _cm_wfCounters string| lastWfUrl object| _mNDetails object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| lnt_z function| MtBts function| metric object| google_image_requests object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category object| img function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer number| pb_0 number| mt_time_old number| mt_time_new

32 Cookies

Domain/Path Name / Value
.ultrasurfing.com/ Name: _ga_Y4YW22RJ0K
Value: GS1.1.1683835586.1.0.1683835586.60.0.0
.ultrasurfing.com/ Name: _ga
Value: GA1.1.1070517397.1683835587
ultrasurfing.com/ Name: _uc_referrer
Value: direct
ultrasurfing.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.prebid.a-mo.net/ Name: __amc
Value: 1_1683835587_1683835587
.rubiconproject.com/ Name: khaos
Value: LHJK8E7W-1N-E7QT
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrgG8OXjmUAZrU1ZxogGjlwOA+xFj1I9sdpdF/86rQGb6b9znuJm2Ck9o4CW9FCQy2O1cY3TuAeAeBxGCOXoSK1qthgj1jQEsHc6UO785F0Pw==
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEww5X1ogY4AUABSAEQw5X1ogYYAA..
.adnxs.com/ Name: uuid2
Value: 5244989658897313269
.quantserve.com/ Name: mc
Value: 645d4ac3-4997a-6aedf-8f7a5
.ultrasurfing.com/ Name: __qca
Value: P0-1435782620-1683835587102
p2.gcprivacy.com/ Name: gcid
Value: d28bb04b-43bb-447e-8e03-94f82d24e423
ultrasurfing.com/ Name: gcid_first
Value: d28bb04b-43bb-447e-8e03-94f82d24e423
ultrasurfing.com/ Name: _lr_retry_request
Value: true
ultrasurfing.com/ Name: _lr_env_src_ats
Value: false
ultrasurfing.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D095a17e9-d66a-477f-bf50-28515b23219b-tuctb56d043
.liadm.com/ Name: lidid
Value: c659a5a3-7ec4-42fc-a19e-1b9e65c7a53d
.ultrasurfing.com/ Name: __gads
Value: ID=2d64c278adf5e8b8:T=1683835587:S=ALNI_Ma4CU7AfL6cO2cbgxkMzVOP4cOaUQ
.ultrasurfing.com/ Name: __gpi
Value: UID=00000c14fdff3fdb:T=1683835587:RT=1683835587:S=ALNI_MZQEqbrGEyr2RzgeJehNAzNGwGLiQ
.doubleclick.net/ Name: IDE
Value: AHWqTUl3v6SK9vAj5whhqmxII-FeUwe53yw-nnCHqEp0MYwmnn1Q-9rL9MfwR1goCWQ
.mathtag.com/ Name: uuid
Value: 2ef5645d-4ac4-4100-b3be-37228f90d265
.neodatagroup.com/ Name: cProfile
Value: AQMQGNgd7gXQAAAAAAAEAAABiCEFfvcAB2RlZmF1bHQ=
.neodatagroup.com/ Name: cP
Value: AVADEBjYHe4F0AAAAAABrDi2
.yahoo.com/ Name: A3
Value: d=AQABBMRKXWQCEEdwz2iC59DkuP2fiFxO_qUFEv__AP8AAAAAAOAXyiMAAMAAgA&S=AQAAAkD2RlrWtuwyuyHG5qYRQxs
.doubleclick.net/ Name: DSID
Value: NO_DATA
.neodatagroup.com/ Name: cOptout
Value: 0|yocToken:0nwNZM7aIqn6ZNXauFIyeIL7BMA
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.mathtag.com/ Name: mt_mop
Value:
.linkedin.com/ Name: bcookie
Value: "v=2&3c3133de-3fa9-4c57-8315-32d163d14a74"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODM4MzU1ODk7MjswMjFeMY+oSaq19Gqt0GwfYaKJQyYfkCOwTBqniZupUtbKNA==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2880:u=1:x=1:i=1683835589:t=1683921989:v=2:sig=AQHVGg49EfkFeHJjeuS8r_7ZACFHd7TR"
.neodatagroup.com/ Name: tr
Value: loCAwIGpTUVESUFNQVRIzmRenEWAgtoANDMxMDE4ZDgxZGVlMDVkMF82YTkxNDY1NC02ZmVkLTQxNmQtYTM2Zi04ODY5NGEzMWYwMTXOZF1KxNoANDMxMDE4ZDgxZGVlMDVkMF8yZWY1NjQ1ZC00YWM0LTQxMDAtYjNiZS0zNzIyOGY5MGQyNjXOZF1KxQ==

7 Console Messages

Source Level URL
Text
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2037571623&i6=2001:1b60:2:240:3247::6&r=http%3A%2F%2Fultrasurfing.com%2F' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2037571623&i6=2001:1b60:2:240:3247::6&r=http%3A%2F%2Fultrasurfing.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idx.liadm.com/idex/prebid/any?resolve=nonId
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a904a185e45baeb853260f4918ec5d8.safeframe.googlesyndication.com
a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ams3-ib.adnxs.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.neodatagroup.com
cat.hbwrapper.com
cdn.adnxs.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
dpjgrnd6i7dk0.cloudfront.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hblg.media.net
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imprammp.taboola.com
increaserev.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lg3.media.net
match.adsrvr.org
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
qsearch-a.akamaihd.net
region1.analytics.google.com
rt.marphezis.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tempnextstat.bcovery.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tra.neodatagroup.com
tracker.neodatagroup.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
warp.media.net
wf.taboola.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youronlinechoices.com
x.bidswitch.net
am-wf.taboola.com
api.rlcdn.com
c.amazon-adsystem.com
fid.agkn.com
104.111.216.201
104.111.217.42
104.18.25.185
13.224.192.181
13.32.99.105
141.226.224.32
141.226.228.48
142.250.184.194
142.250.184.198
147.75.84.158
151.101.1.44
151.101.129.44
151.101.193.108
151.101.65.44
162.19.138.116
162.19.138.119
178.128.135.204
18.66.122.63
18.66.138.185
185.83.142.19
185.89.210.153
185.89.211.116
192.241.157.60
2.19.244.27
2.21.20.138
20.101.38.191
2001:4860:4802:34::36
212.82.100.182
213.19.147.42
216.52.2.30
23.201.255.110
23.209.22.22
23.35.228.23
2600:1901:0:8344::
2600:9000:223c:a800:6:44e3:f8c0:93a1
2600:9000:2250:4c00:c:aa3e:9800:21
2602:803:c003:200::51
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:7e
2606:4700::6810:84e5
2606:4700:e6::ac40:c516
2620:109:c002::6cae:a14
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0b::9a
2a02:2638:d::d
2a04:4e42:200::485
2a04:4e42::300
2a05:d018:d29:3601:5e70:3935:160a:9425
2a0c:5c81:5142::2
3.121.1.231
3.73.41.176
3.75.62.37
34.107.148.139
34.117.132.248
34.95.69.49
35.171.176.233
35.171.180.138
35.186.253.211
40.85.112.191
44.205.127.242
51.75.86.98
52.211.18.51
52.223.40.198
52.29.92.162
52.31.89.240
52.46.143.56
54.239.38.253
65.9.66.122
69.173.144.165
8.43.72.98
95.101.148.20
004ca736c3ee3301e2b75dfb408c1627d69caaad8da15eeabc1f0ba580721634
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
01e6af74c919664d7ebb23765ff42321e13cd1749ef6ca6a3a15728fb286b924
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
041fae49bdc332d692b89d7d8c708dfb28f175d10cddaf1959c1bb46ddd4d3c5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06cbdddf719979fe4d5dcac344771f5766b40226d5b80ea66b61615035acb088
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdafea178344ab1276f6d7dca757fb51a0e647fe9495604f2d79ee0aa874b19
0c6e52091ad8d52e336822918cddcc9f730e0a17ad3946c881267af32d4a6039
0d50307df742b363a2828b00e4ad0b51db700a817a5859d18b40ebea9ebb4363
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12d8a059dc9d896ba6fb8634510c6afe07672ee616117bb140a5b515a5f16754
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
191c6017f0a38a7f70b48f2f757cca7aedfd76aebb483cba194a215e4013f53f
19e44db8e9ee42dbd948e9883b87cb4e4442ec6e6944a48c358a4d0b837afb1b
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b55761bd6e09c47961fde7ad9d3bfffc1e403d69ea0938f8a0eaddd78368cbb
1b6e6ce2d7697506fd2219e550944df31e895c0ece0f8e26c85825a7652a6af7
1c472226f24574b8461a62bfeddceda70b2cfbf007d8ba0e7cf8a7e245676e30
1cbc6426b069330c054993f1c434f91e2bf464ad386236d1b557483d7baa4dd1
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f
2047a72677198fed393783b5f72fc9451b0304fec6beb4fa948c72347a89a0e4
22f0a1deaad55d20892f403df7572309e177e5a65eaad2fca1e811f3876d51b5
258944663df33934f98aec7ba3b6c76c17698de7225e81de08566f4c25bd5bed
274f572aaf1453d313af892b1af4ce76b413ca833b6c3ec062923eb6e82db61b
289c155c83989cc97678fc32d8d0f5abe114fd78cdb6f7d7e0d0af1eff8df7c2
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d
2d8a373447aeea8fca14633f25e8c238ad3066a602341e80133d07e2160df825
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
32bab33a9f0d77e9b2bb53e8cc82d542563e157cd1a12a25fd81626fd1989059
3541648f363655512d227b22cb0b26cbb9e2601d40cafeb9e76aa117be0625ed
357d451ba51323303d179a2abecbd9a78cce9a6458d7a604007a180d92ca72e0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
3857634543824c46b5f1f435e9375e75e0ad96b16d9bf4525e54f0f14bfb25e8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d58b29ffaca204de2d5e1e4e12ebe5dcb7d85ba97268e86470798d2da291481
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415a1590f5db75cf293cdfab48d67378995c6b5b0f79247a3e5114cb7e5632b4
43339c60e19f2fce2ba2c5bd81941be5cca2b57854d2c408884ee854b9730910
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449af71a6dc969c041208f40c584f681e7c0a97735928075243e9ccd57720d74
44fdf8e86ebc1532b362f264d1100c76103ff724160b49d9efa0e1b4d81b2828
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4611246a572821ab980883dacc15ce406a00045fbc2e150bb93bad191f0f788e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470256561b11f2f94ffbb4fa1cfe1c61d26b75a77b7e6ba821c3b9b7ca734cbb
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
494bc7f2d9b90bb182b8fde93828217bcfe18ebc305a4568ef309fb5e757b40c
4a0a18910f117e0d70cef28c6b8b19085eebe7604d0ad0bb03f9cfe8c61a155c
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
4a7e5214c17066ad2278d15b001d21f2343958a2792f20dd882d87bcec0404ac
4d885e6bc633bdbd8a6c6118e6910f09ef19bd476f9df24c37cfe03140f0806a
4dd52405cc2ef91346268023c4b7cc5b6751783649fb73e164282ecd595a88ef
511a8f96c62dcc3f40b4fdd83c233df498dd27235c0c61fbef6bb14a5e06f8ff
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
52a4f34420169a3ec8c0c1642bec820bbd9ec51e48cd99f2ef31cee93434cce1
543969c810bc5a87f0701133e8a03ba5daf57e2a0b705283ed66e3485ab86d9c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5664843a0609c7be6240d7afbdcb524adc45f511e1c6ecc610af53c6402f0861
56953a5130eb470c069a867bd1851c0028aa5e15e14719bb58a7454ce9c4532a
5d12e123952767a0af22e97aed0faf979e1d83f9a46eb76f9399ea480f50ded1
5d3b8b373035174d6b983146e654d9a55a5607568032335bf109eb0db2344c71
5d44617f819447bc776ee6c1926dbc6072a3fe4dcd9922ab574a384b965bfcd7
5d8b7b425ee0ae631ee29ded57fd61336197096d9bba829a993fd20a7bdf9f5a
6130a60a0dfcf412d573c061417a33a0bd80324a730e57439e03e6e3e3257fb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65946d8ba9aa49b85c1c8c55bbf0adcc7bcb18f49f78f6332a3075f0a5f38b6c
65fc91eadb9be0343a7020106d1e23024879e75315b0644074dfbe042c1e8c8a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67b8c17b3c24a3061095d1478d3719f933c99faec550958e80db1b59c8318e13
6838e5de3147954f1965da7f593823094ff2c7f6afbf202ffdb4e01f7a893114
6af97b10fc04644cd38a6bfa80b7b9ba81598f92dceb5b24fa8fb545a2d29143
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0
70f2f0557e3584feee01e1ca1eefe848cfd2250c8b3184111a5e654bf0e76395
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
771bba050129df22172e67580938d066a198477596d46d63a71e9676dc02c20c
785f463dd4c78c5ccc27bc7f52fed0771e156304fc365af71f7c862a43d3887f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bfe22e1bd22442f9cf78787ebb8ad5a2dde102220d2c5c748174f13242ceb8d
7c5c716977a23a64d10096062ed3bcd6799b560ee2ee2585b9ae262d3ac4b049
7f41f25d5afc75f427b83012202454df6929af6614233391464977d3c45dfbc6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
838babfddb01c2452c6c6f38ff9314a3b35a38907fac9274341c936a5df9a363
843af39f2008fbd63a73e2364898c75c54eefee8c8eb93564723e11d97fcd960
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
8568ccdb463375872de9737e7beb39bea2f9e503792ee2d09cf16341f6714c39
8889c32eb6f6d47a9b804fc4adc31cef08da9c28cdf428d2dd13cad96bbce960
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
8a93e8b94dce641c2dabc52b9eeeadb52d3bff54a5600b231fa61cac629825b5
8c4f308a5f30f1ccb4f873ec45abdc19990b882f73828b1fb229ad58b6ed242a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9036e0136b1f27073a8a30cad42b360f28fe95001e5562f4030c915a6c633e51
96b5270278ef9513bbc906f078131869ef57824522c1e6f5304ab5a848d10e2e
9831b282c3482dac51c808568a1c54d0d135ceacd48e1228cd7559e5b50c1bfb
984974b85250965fb864f580aee7f46131ea97e843e21b58289513e33685c31b
9c26422444f4909d9a1dea66c068c2fc828c865ce62ec917fa55e142b6fef8b1
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9cd238860c3b0df4b3380477a8e432ecae018dcbbe87546e76415c277acae3b1
9e00fe3d80ba887dcaa091251436843bf2c5fe25b4361815cbee64815e7af709
9e0e4c3852be70c161c8d90e441c1fc2f4c3e8cec473d7e51140e9f3a467325a
a029e04f75118e10cd8a3a407f8effcbee2a9029837cd02f01df2ab6eb788582
a0387f488f47ed0dae7a1f8113f1c29a4a0b8d7fc9c3f7e0a05e2db37958d35f
a0a8ab249355bdff84d2b0e7643c3d39ed25327d8bad19d6e28b8b28754c5f3c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cc6f0e0f1e062b75078a577b806993504667e29f02a185b2ba377033e42e43
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a311330834e6cdf5ee2dec719f329ddc2dc8f93af650ae0cec88aca04b81936c
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a573d67271700ec3fb1825170fdba883d0caf2a32f5c4aabccc12ea37dcc08e9
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a8157c627685ef9620478a64c85ada02d6d1771620b29c7c33856ec70381d288
a8c7af98a343460cc0320f4f5a5bf266e86619b2cdd23d787dab758269439daa
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ac620699086f9dd7de888f4c53c52d64a623ae218b2b739ae8d6373e9baf3beb
acdd89e8d5b8c944579b98ff71f14671fbcb01786d1308b884c542865b1950d1
ae2943fdef7508730ae58037aeb9e3c1cec75bfdaccd3e448d3f9edbe9a91611
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2882735b2cecedd75957446c8d05c24714ca0d592afab71b82a0739723ad76f
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b44d59b6d0e3be9260bffad9b7dc048a60ca8fc93f82e05e49b0a465c45fe579
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264
b532d2ce382b585afd8dcb5ebee9658b00bdf5a666198ce2f6ec2dbc1d4da73c
b6e2e3a5ebde222062f455c1adc8c3a18f93746015048fb9cca6fb69f58fee98
b89ed6cd00243f6c9336f2f8ba82c77898b2d03be6e4cc4fa7a8895765ce6aec
bb58c9d1308d5c5795f6ce237d4371aa1cb54474899db5ccdff8e67a5d9e5749
bcf2d6d1676ee3c177dbcdf3cde63d34682913661e73388cb408f1815a609c55
be8050a13234a52818d6d2f3983e2c5af15c698cb8a1a40885e037305130ffb4
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c5f4068707ae8a4ea8d64c8e4e27e1c1047c9f497e98df216d84b39aa5d87ba5
c645b2297568c10fd6b2a345d2cda9abd7e1266845d2778be66216342cefabc9
c65e345a7ea8e8d6433e67c8efd69ec6cb4d3a8d455ed5afb5d95153e0e60446
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8846180af4c5402d3a9eccff27202a85c7235d96e826a3648254d684abc6daf
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
ca8ec16c88c5a912a302e62342a110190faa6db02d7cf8ebc7f57df4f04f4cd0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce6b3655ff5418c1dfa568904153ce875a2c1d8b6f959a29b4d738826bbc8df0
cf2b69892f79ce42a2f684f6af8cfb6023a82199762b0845151f5dc7af1bb93e
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d4aa2608b034a7a5c7316cb9c49cf8a0e4792e76cdee220c8671b0fb0a855a1c
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d74af5a5adc5c6f3e9f61aa8950f6b0b7127b106126547e815a74823c2ea9360
d762c37b9e079635ca58a2f7c60afdc69d2a2e0cdc6e8ecbd2a8f4603c3106c7
dadfc1ce7ded1002b30665dcd11e2ee8e140951107c4aa3da18af2c830d547f6
ddd4968084c794b22b923d972baa11298e5a6a7bb2289613bc3e70bb6e6076e6
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e249bc435accebad73bbcd86c6b577e9b25cf24c6e8497347f6c4017c3e0ef09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f806631f67f474767c52a993840d15d98db05ada4d98fa5ac55ef6ad451e51
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
eba852d9dbbd20a129bfae63c4aa112651632a0a2ee01cbf744e585fa750d4bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05c87aa74e6c946e0a3f05d46132f25ab4fd5915f43352e6b5ff68ea9871e12
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277
f3ef9fbad3926440b6ca55d62cdcd277133f7775b1fba87aefc1fbf126991677
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f68d9d96407bac629b7eb6400f731b6cbd78b7f1f6ebd30401a4b192ad5b5888
f80f3e37043f17036c82b69b31bff8b8342ce4c998a24c06ddbe4a6ee3d1325f
f92c342fb7abf81a360832f55d3df80b35b51ee667b7337f2ef9ef519175cf91
fb551ae3191b43f698484ff839c96f202f65d4971f3c094f10efa8a737481448
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe682ec94727343b2694d1dc2c42e96f14bb458e94b9a09e36e5ac647a5adeaa
fefff4eb67be125e9acda1cb3374802f5980756a95b265c96d5d9dce243af04b
ff74ecf200c9d88696675df10082009529dd040f7c04c10bb0aa4297bc3669f1