urlscan.io logo urlscan.io
SecurityTrails logo

ultrasurfing.com Open in urlscan Pro
2606:4700:e0::ac40:6103  Public Scan

Go To Rescan Add Verdict Report
URL: https://ultrasurfing.com/
Submission: On April 26 via manual from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 89 IPs in 8 countries across 63 domains to perform 304 HTTP transactions. The main IP is 2606:4700:e0::ac40:6103, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 320891.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.
This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
92 151.101.1.44 54113 (FASTLY)
1 68.183.18.251 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.105 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
2 2606:2800:233... 15133 (EDGECAST)
2 213.19.147.42 26120 (RHYTHMONE)
1 52.222.247.205 16509 (AMAZON-02)
1 18.66.122.63 16509 (AMAZON-02)
2 37.252.172.123 29990 (ASN-APPNEX)
1 147.75.84.158 54825 (PACKET)
1 51.75.86.98 16276 (OVH)
1 99.80.176.143 16509 (AMAZON-02)
1 216.52.2.91 32475 (SINGLEHOP...)
1 18.157.204.212 16509 (AMAZON-02)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 185.239.173.66 55081 (24SHELLS)
1 18.198.123.21 16509 (AMAZON-02)
1 178.128.135.204 14061 (DIGITALOC...)
3 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 23.215.22.18 16625 (AKAMAI-AS)
2 65.9.66.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 18.210.239.202 14618 (AMAZON-AES)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 3.224.8.5 14618 (AMAZON-AES)
1 2600:9000:224... 16509 (AMAZON-02)
2 54.154.3.66 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 162.19.138.83 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.117.132.248 396982 (GOOGLE-CL...)
1 2600:1901:0:8... 15169 (GOOGLE)
1 50.17.141.61 14618 (AMAZON-AES)
1 34.249.220.178 16509 (AMAZON-02)
1 104.102.35.84 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 141.226.228.48 200478 (TABOOLA-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.38 15169 (GOOGLE)
2 6 20.101.38.191 8075 (MICROSOFT...)
9 88.221.168.207 16625 (AKAMAI-AS)
1 1 37.252.171.52 29990 (ASN-APPNEX)
6 8 142.250.186.98 15169 (GOOGLE)
6 52.223.40.198 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 3.75.62.37 16509 (AMAZON-02)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:226... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2.19.228.175 16625 (AKAMAI-AS)
8 37.252.171.85 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
4 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 193.135.9.124 48314 (IP-PROJECTS)
1 1 217.79.178.236 24961 (MYLOC-AS ...)
1 2 35.186.194.101 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 40.85.112.191 8075 (MICROSOFT...)
2 5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 178.250.1.11 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a05:d018:d29... 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
4 23.37.42.132 16625 (AKAMAI-AS)
2 142.250.185.98 15169 (GOOGLE)
1 8.43.72.98 26667 (RUBICONPR...)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 52.46.130.91 16509 (AMAZON-02)
1 2 69.173.144.138 26667 (RUBICONPR...)
1 2 67.220.228.202 16509 (AMAZON-02)
1 3.76.101.133 16509 (AMAZON-02)
1 141.226.230.50 200478 (TABOOLA-AS)
1 142.250.186.162 ()
304 89
16    2606:4700:e0::ac40:6103 (United States)

ASN13335 (CLOUDFLARENET, US)
ultrasurfing.com
1    2606:4700:20::681a:17e (United States)

ASN13335 (CLOUDFLARENET, US)
increaserev.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
92    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
pips.taboola.com
1    68.183.18.251 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture2.analytics.hbwrapper
cat2.hbwrapper.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
8    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
c.neodatagroup.com
2    213.19.147.42 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
p.gcprivacy.com
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    99.80.176.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-176-143.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    18.157.204.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-204-212.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    185.239.173.66 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    18.198.123.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-123-21.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
3    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    18.210.239.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-239-202.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    3.224.8.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-8-5.compute-1.amazonaws.com
p2.gcprivacy.com
1    2600:9000:224a:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    54.154.3.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-3-66.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
6    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
id5-sync.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    34.117.132.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.132.117.34.bc.googleusercontent.com
tempnextstat.bcovery.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    50.17.141.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-141-61.compute-1.amazonaws.com
idx.liadm.com
1    34.249.220.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-220-178.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
at.teads.tv
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
17    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com
11    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
5    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
6    20.101.38.191 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tra.neodatagroup.com
tracker.neodatagroup.com
9    88.221.168.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:2261:f200:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2.19.228.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-175.deploy.static.akamaitechnologies.com
cdn.adnxs.com
8    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
adsdkprod.azureedge.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    193.135.9.124 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    217.79.178.236 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm47.as.net
cm.adsafety.net
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    40.85.112.191 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.youronlinechoices.com
5    2a02:26f0:480:22::1726:62d3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a05:d018:d29:3602:66be:b78c:9970:b3c5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    3.76.101.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-101-133.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    142.250.186.162 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
104 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1073
trc.taboola.com — Cisco Umbrella Rank: 839
vidstat.taboola.com — Cisco Umbrella Rank: 3230
trc-events.taboola.com — Cisco Umbrella Rank: 2128
am-trc-events.taboola.com — Cisco Umbrella Rank: 11067
images.taboola.com — Cisco Umbrella Rank: 2116
imprammp.taboola.com — Cisco Umbrella Rank: 9813
am-match.taboola.com — Cisco Umbrella Rank: 10983
wf.taboola.com — Cisco Umbrella Rank: 3426
am-vid-events.taboola.com — Cisco Umbrella Rank: 9840
vidstatb.taboola.com — Cisco Umbrella Rank: 8495
pips.taboola.com — Cisco Umbrella Rank: 1900
cds.taboola.com — Cisco Umbrella Rank: 2362
am-wf.taboola.com — Cisco Umbrella Rank: 11750
8 MB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
ade.googlesyndication.com
120 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
ad.doubleclick.net — Cisco Umbrella Rank: 201
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
206 KB
16 ultrasurfing.com
ultrasurfing.com — Cisco Umbrella Rank: 320891
132 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
26 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
cdn.adnxs.com — Cisco Umbrella Rank: 2239
fra1-ib.adnxs.com — Cisco Umbrella Rank: 6557
77 KB
9 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1405
7 KB
8 neodatagroup.com
c.neodatagroup.com — Cisco Umbrella Rank: 36186
tra.neodatagroup.com — Cisco Umbrella Rank: 35833
tracker.neodatagroup.com — Cisco Umbrella Rank: 35132
17 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
64 KB
6 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1606
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
1 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
2 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
8 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
36 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
2 MB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 89
4 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
id.crwdcntrl.net — Cisco Umbrella Rank: 2256
24 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4186
a.ad.gt — Cisco Umbrella Rank: 4166
4 KB
3 azureedge.net
adsdkprod.azureedge.net
882 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3166
google-bidout-d.openx.net — Cisco Umbrella Rank: 3148
674 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2930
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
204 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4649
315 B
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 6343
866 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
97 KB
2 bcovery.com
tempnextstat.bcovery.com — Cisco Umbrella Rank: 128742
83 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
806 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
449 B
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1416
x.bidswitch.net — Cisco Umbrella Rank: 427
386 B
2 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 35669
p2.gcprivacy.com — Cisco Umbrella Rank: 30204
10 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1142
164 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1478
pixel.quantserve.com — Cisco Umbrella Rank: 1327
9 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 3425
adservice.google.de — Cisco Umbrella Rank: 5261
939 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
3 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
649 B
1 youronlinechoices.com
www.youronlinechoices.com — Cisco Umbrella Rank: 109186
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 16731
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 21556
823 B
1 microsoft.com
adsdk.microsoft.com
33 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083
2 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3353
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
13 KB
1 teads.tv
at.teads.tv — Cisco Umbrella Rank: 4942
339 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3099
427 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1915
250 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1291
634 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3273
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1912
1 KB
1 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 26045
173 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
555 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 7095
1 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
566 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
628 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 942
225 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
364 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
276 B
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 163
464 B
1 hbwrapper.com
cat2.hbwrapper.com — Cisco Umbrella Rank: 30705
261 B
1 increaserev.com
increaserev.com — Cisco Umbrella Rank: 185349
169 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 agkn.com Failed
fid.agkn.com Failed
304 63
Domain Requested by
56 images.taboola.com
19 cdn.taboola.com ultrasurfing.com
cdn.taboola.com
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
increaserev.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 ultrasurfing.com ultrasurfing.com
9 pixel.mathtag.com c.neodatagroup.com
pixel.mathtag.com
8 fra1-ib.adnxs.com increaserev.com
ultrasurfing.com
cdn.adnxs.com
8 cm.g.doubleclick.net 6 redirects eus.rubiconproject.com
8 securepubads.g.doubleclick.net increaserev.com
securepubads.g.doubleclick.net
ultrasurfing.com
www.googletagservices.com
7 trc.taboola.com cdn.taboola.com
6 match.adsrvr.org googleads.g.doubleclick.net
imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
5 s0.2mdn.net ultrasurfing.com
s0.2mdn.net
5 www.bing.com 2 redirects ultrasurfing.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ultrasurfing.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 gum.criteo.com 1 redirects cdn.taboola.com
increaserev.com
static.criteo.net
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
4 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
4 am-trc-events.taboola.com
4 id5-sync.com cdn.id5-sync.com
increaserev.com
3 adsdkprod.azureedge.net ultrasurfing.com
3 tracker.neodatagroup.com 1 redirects
3 tra.neodatagroup.com 1 redirects
3 id.hadron.ad.gt cdn.hadronid.net
increaserev.com
3 fastlane.rubiconproject.com increaserev.com
3 c.amazon-adsystem.com increaserev.com
c.amazon-adsystem.com
3 www.googletagmanager.com ultrasurfing.com
increaserev.com
2 am-wf.taboola.com vidstat.taboola.com
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 s.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 googleads4.g.doubleclick.net ultrasurfing.com
2 am-vid-events.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 oajs.openx.net 1 redirects
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 ad.sxp.smartclip.net 1 redirects googleads.g.doubleclick.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdn.adnxs.com increaserev.com
2 googleads.g.doubleclick.net increaserev.com
pagead2.googlesyndication.com
2 ad.doubleclick.net 1 redirects
2 tempnextstat.bcovery.com ultrasurfing.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
increaserev.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com ultrasurfing.com
securepubads.g.doubleclick.net
2 tags.crwdcntrl.net ultrasurfing.com
securepubads.g.doubleclick.net
2 ib.adnxs.com increaserev.com
2 targeting.unrulymedia.com increaserev.com
2 c.neodatagroup.com ultrasurfing.com
c.neodatagroup.com
2 sb.scorecardresearch.com cdn.taboola.com
2 cdn.jsdelivr.net increaserev.com
securepubads.g.doubleclick.net
1 ade.googlesyndication.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 x.bidswitch.net am-match.taboola.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 vidstatb.taboola.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 imprammp.taboola.com vidstat.taboola.com
1 mug.criteo.com
1 www.youronlinechoices.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 www.google.com tpc.googlesyndication.com
1 adsdk.microsoft.com increaserev.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 secure.adnxs.com 1 redirects
1 trc-events.taboola.com
1 b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 at.teads.tv increaserev.com
1 id.crwdcntrl.net increaserev.com
1 idx.liadm.com increaserev.com
1 lexicon.33across.com increaserev.com
1 a.ad.gt cdn.hadronid.net
1 pixel.quantserve.com
1 rules.quantcount.com secure.quantserve.com
1 p2.gcprivacy.com p.gcprivacy.com
1 cdn.hadronid.net ultrasurfing.com
1 secure.cdn.fastclick.net ultrasurfing.com
1 prebid.media.net increaserev.com
1 rt.marphezis.com increaserev.com
1 tlx.3lift.com increaserev.com
1 ghb.adtelligent.com increaserev.com
1 htlb.casalemedia.com increaserev.com
1 grid.bidswitch.net increaserev.com
1 ap.lijit.com increaserev.com
1 ads.yieldmo.com increaserev.com
1 onetag-sys.com increaserev.com
1 prebid.a-mo.net increaserev.com
1 p.gcprivacy.com increaserev.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.quantserve.com www.googletagmanager.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cloudflare.com increaserev.com
1 cat2.hbwrapper.com increaserev.com
1 increaserev.com ultrasurfing.com
0 api.rlcdn.com Failed increaserev.com
0 fid.agkn.com Failed increaserev.com
304 110
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-05 -
2023-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cat2.hbwrapper.com
R3		 2023-03-06 -
2023-06-04		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2023-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
sni8045gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-09		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-01		 10 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
tempnextstat.bcovery.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-02-28 -
2023-05-29		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-03-20 -
2023-06-18		 3 months crt.sh
youronlinechoices.com
Go Daddy Secure Certificate Authority - G2		 2022-07-02 -
2023-08-03		 a year crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 05		 2023-04-20 -
2024-04-14		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
neodatagroup.com
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://ultrasurfing.com/
Frame ID: BEA44960BC6644C50A24BD8C7640E414
Requests: 208 HTTP requests in this frame

Frame: https://c.neodatagroup.com/topics_2033.html
Frame ID: B15DC01D4EB075BDB9FA46937C4B235A
Requests: 1 HTTP requests in this frame

Frame: https://b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5257F6FD7D65F3A601BD64B65516552C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstWtCRx0TVbpHOSArV3wCCwN3MSRHbpcueLX3AGINMQ5xR3FrYWRexU3T6GJfaN6n8ec1XTO6eGI-Y8-jkFzEh1OBFZ2swJhSSNj5DLhyhe0jMRVLwWl1Z4Pcd7eUMfcndezU6jltv_LhKC4C_H7VWTXFr_UIdy2X98QpdYz1uAz3NDYrMAAOTPdrJX8kZxc_mSiYFXSKciGuCsURCvNWnx4AlfvO4jk4smPCvZ3Kv2I3BHNJN6k8caeFpBPFN6PuoGL2goNLQyJwTbQ8YJdP73ObmjxCAR0YahTM0P4t1tWx_5duOdKZ5zxt41quEUHS2n-xn9D-KRY9GQPdBY4-_dFLf4A&sai=AMfl-YTQTphIl19OPdZZr_HXXth5buHYP8aqSiDDuCuhrkVtcAj4xciTWwJqhp0_yH_mUrSGShVbe5oC_7Odw4N_fKz4ZOQ2kzqWEm393LGggfQBmkQhq_rLFWJU6zOzJOfUtXvQnBx_gH_Y8BuNQ1Y&sig=Cg0ArKJSzOIvC1EiemoWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6E9E9732B94FD64DE9154819FD935BAB
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYxdOv5gEwAQ&v=APEucNW2phYye_T5svfH2FSTkH6trevrnj0phT77QLgPwfrwoZQeGtDZbErpNRfcSSHMvf0y3VhTkJQg5ntYHVXDyF25zhXVI9ukTQ5V0AU5ooNKZ4ZsxADHZ9S55tqlbspuC-eEdBTYp5yWeqEUb_AtD7QUmVPLsi4rb7pFpRWFecqQvO0G1fH0KBrex1ZvcWH8d5dC7JpG3G_P5atKVRhgc_vyTTsbKuqqe7UsRlnxG8FavlvbDjI
Frame ID: F2CC23B3C64E94DB439FEC7E2B8198B1
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJG_CzqmzSOUptM7u70oAYx2Odzo8NxDgzCxsOXc4767oQrLPJo-jPW0fOeJNWKP9QFhieKuOBMJJyhJjCI9bVhP20jI15k22tmDW1kuQQ4zhTzDuvEtWXi2zRHADm24XYfhr7Rh4S72acGrPjr-3srFBs8GcuL2A1OF1rnsoLckbqj1VOB8aLBi-lO-yNCZNCKzbRNi6jaB-0jRhh_BZSDFH7Am-tlzvM06s5Gk1kqkfNGBTXfE1SM-59F8iEAWyxMWOn_89-5kcsb2WncvjpqiT9dHTtdLQk18POxgcU73KS1NmFhPW03o987JUtd8Mzb-DlfKMbt9_9aHkB0S4NrA&sai=AMfl-YSyaMPNnDi0z7lXOUOH6v7yZXgN10dKYIDwEwhH4HlUS4U56vxVPEY0_XK-sKEzl6Hi3gPv1QS8FqnmxiusZ36SMouKAWbM9f-f4Yb0klFE-VvYmTvXSI_yQPMfroUIMwtIClHx2KvwsyncSHg&sig=Cg0ArKJSzKMg7cMkWanvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7D5D4343B2065DC96370A90BA81EA0A4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A59890CBD43B9EA8D7F85261C67A77B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81973711F00869C89B64BBC98A48ADC7
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
Frame ID: A012A5534C6CA67DA9F1CD81AF9728E7
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ultrasurfing.com
Frame ID: 8BDA7797C2408B3B57B07EE5A0A5C5FA
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1682522847916&uv=3270&tms=1682522847916&abt=nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9f6497dc-fdae-4d99-a537-ec533864f25d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 4BAF436E4C59C64A4F1434920AF0D3C9
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 5940B4E469D89262FC9451C5A5246E88
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DB4B8EC91EF278024CC1FAF19529FAF0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 15A02BE2D34155E9EDA4960609B8A4F1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 6C1DE49F67F88AEF0808761B6BB20DD0
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
Frame ID: 037B958C45C534050F8784CF832E9EA6
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 133EFE0410AFA0B81284DE1DD657A91A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E1D55D6B6AD5F6BBDC1493C23112F24
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ultrasurfing.com/

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

304
Requests

93 %
HTTPS

37 %
IPv6

63
Domains

110
Subdomains

89
IPs

8
Countries

12510 kB
Transfer

17523 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CN61jYXux_4CFQeK_QcdFREBkw;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Request Chain 111
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1517244135435&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&pbs=true HTTP 302
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1517244135435&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&pbs=true&neoid=30f7c5a70f40592
Request Chain 113
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1517244135435 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=4879352085120318172&rt=img&rnd=1517244135435 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=4879352085120318172&rt=img&rnd=1517244135435&neoid=30f7c5a719205a9
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1517244135435 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=1517244135435&google_tc= HTTP 302
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1517244135435&google_gid=CAESENE7axbGGr371SgBgQ1dvG4&google_cver=1
Request Chain 116
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=1517244135435 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1517244135435
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEIVGONMJnCJWFfOI3zOSXkc&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEIVGONMJnCJWFfOI3zOSXkc&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=b0d69bff3891bba1170b0838d6878eb0&uid=b0d69bff3891bba1170b0838d6878eb0&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEA2ObNBwVV6Vred8Msg93jc&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEA2ObNBwVV6Vred8Msg93jc&google_cver=1&ang_testid=1
Request Chain 172
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fultrasurfing.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fultrasurfing.com%2F&rid=esp&cc=1
Request Chain 184
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d4ec7a0-e9f4-4df5-b8ac-ec2044c6430e&cmExpId=V3&oAdUnit=391466&publisherId=162645330&rId=2cc46134-7dcc-4ede-80e7-f0fa2de64820&rlink=https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=7d685ec95d4a4ac9bb8434ce0e8e7ceb&SNR=1&GV=2&med=10&rtype=miFeedbackURL&tagId=27587523&trafficGroup=knaqe_3c&trafficSubGroup=zzf:angvirqvfcynl&aid=2345856526530506099 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0
Request Chain 187
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ultrasurfing.com&sn=ChromeSyncframe&so=0&topUrl=ultrasurfing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ufH2CXxaTlAzczdzSUJaZWNmUzVtOFk5NlRNdzNJSkpvK2xNVHNCa2xacGZ5SHpuWjBBdFh6NldwWE0vUHBKT21nK1R2dFp4UFYvZEVmSGxNUjhObXo1SVYwbkFXWjFtcTJDTGJCb3gvN3pGdnk1a3EweExxaVVQUk9CZWU2bGJaK0JPQ29hZkhhMGhLbGJFVjNNRVg2YnNpNnd0L1dMUGRFQmllREpHSlRhQzZTb29UTUlyS0FIek53ejFzN2RjVFkxV1RlSEVZendNb3RuN01oWExYa243d3F3RzdqcElYYkIxOGlJZWlmWGxLa0pjWXNkM2k4ZWRkbzIzUW9lUjJ5OWdxWnN2NVROOHB5d21OZmYzRFNud0E0ZTdjcGdlb0RiZVk5bkR4VFk0LzBRRT18&cppv=2
Request Chain 266
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d4ec7a0-e9f4-4df5-b8ac-ec2044c6430e&cmExpId=V3&oAdUnit=391466&publisherId=162645330&rId=2cc46134-7dcc-4ede-80e7-f0fa2de64820&rlink=https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7d685ec95d4a4ac9bb8434ce0e8e7ceb&tids=4&med=10&rtype=mvFeedbackURL&tagId=27587523&trafficGroup=knaqe_3c&trafficSubGroup=zzf:angvirqvfcynl&aid=2345856526530506099 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv
Request Chain 269
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/q2zvotynf-rrGx8t6QW3YQ?csrc=&gdpr=1&us_privacy=1---
Request Chain 270
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGXUNSTF-K-IE5Y&gdpr=1&us_privacy=1---
Request Chain 271
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGMyNTRhZGUwMThhNzYzN2UyNDVjODJiNGI5MTRjMzY1YmM0OWNjMQ&gdpr=1&us_privacy=1---
Request Chain 272
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 273
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdYVU5TVEYtSy1JRTVZ&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEJLH8iWc1tWSnGxTV260NZ0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdYVU5TVEYtSy1JRTVZ&google_push=&gdpr=1
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECit75K3ObPgefuqOa_QU-g&google_cver=1
Request Chain 276
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

304 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ultrasurfing.com/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d92c17d733818e73cce21022fcca2a0b57445f8d528107c9a301b2ef7a12353

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bdfd98449e69b31-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 15:27:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSBXNcvvL5gKaKT56Jpq5D3DfK2hRDstWgaK7%2FtHBXZYAuE%2B7ilHC7lmtKVlKKQS1XqIJipvD78HdKXs1SP6e85U6eOr85AugZCBTJlh2VPI7x1ZwDNcEuyUiD0vuddFx3JH3nEVLC87luJIv69r"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
reset.css
ultrasurfing.com/css/ 		773 B
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ultrasurfing.com/css/reset.css
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 29 Oct 2020 06:32:21 GMT
server
cloudflare
age
5424
cf-polished
origSize=1050
etag
W/"5f9a61f5-41a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfnou6xoW8ENDn9o4EO6CM1GCZQTIA8fhR5aKUMsI4exYHhc9%2B93eDfAMQ%2BTwWtJMck8Wo6owV6f%2FvPf6ug0VwBS6yOP7visoUYBrBtRqQ0tw%2FfC8ZcZCIaVyQClo5d16MKDJMa0ogha4yBQBUO1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7bdfd9863c4a9b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style1.css
ultrasurfing.com/css/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ultrasurfing.com/css/style1.css
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 08 Apr 2023 04:57:00 GMT
server
cloudflare
age
280
cf-polished
origSize=19154
etag
W/"6430f41c-4ad2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTyD3%2FD1wwCXw9Q7ncGV5f%2B5H7HDeefrkFP3mJE7QjS%2F%2FNJ3GcF4mStuGCwB8wLhspJwcmRrT36F3pubnqGaS83jkZM81QbQvPXVG78gAwtJJe%2BkweT%2BJaKswBSu5HA%2FiXtTtFj7zw0A9Ix879GJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7bdfd9863c499b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
3f0105fd_photo0_610.jpg
ultrasurfing.com/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/3f0105fd_photo0_610.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9c1d60b31262eb0c2f18a0516743a3831e9a89c7c0691043c4e064db3cd56d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Apr 2023 15:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644942c5-da4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2U7G2j5l%2BeUExDqDakzFemOwln%2Be31sMdR1aYmLAjV1nH4%2BtuhcD%2FPdDlJnaakHt3hICCJufb2TksVo2Ym454CHRdBp9RSt%2BhUhNzBuTf18%2BnaHoxjtQvDj%2BI9UNoshGTMcVkQcOkL9tfcKJZ7e"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658913602-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55885
expires
Thu, 25 Apr 2024 15:27:26 GMT
37a7852d_photo0_190.jpg
ultrasurfing.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/37a7852d_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc14b12b08d00c999abce01632fce666bfe8c884b9b1eed31464a69b72d847a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Apr 2023 15:27:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644942c9-1c51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqJsWmuDwOJMwVMa%2FMqMvQxA8wRiWmGRZvQEhHCuYqFtoiBacyGZv1laLjnhAiulZZ1TUgv%2B6yLmRLam%2B3AOka0UHJwkBGswtWfl0xCjBlufVv9uE5q5yxauGmTfWzcaO1GNZEHt1Og7FR36yI0Y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658973602-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7249
expires
Thu, 25 Apr 2024 15:27:26 GMT
6438048e_photo0_190.jpg
ultrasurfing.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/6438048e_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3983846d126d33a7bf4c1253e349d31bedde82335e4ba0bcdc4df9889bf58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1443
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5533
cf-bgj
h2pri
last-modified
Wed, 26 Apr 2023 15:03:06 GMT
server
cloudflare
etag
"64493d2a-159d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOo%2FJCpVgHlwh5ohZMTEs%2FZQgmczSavkjLr44M6dAQD2%2F2a6WbEwf3%2BtX7RJPe13bO%2FgGnNFmwjU4EDcPM%2FYU7dhgMvxMz%2BZruBOzuj5oOoWOCn3J%2Fxho781RAv4%2Fq3AQNVaxOAUjllGlDHR25rO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658a33602-FRA
expires
Thu, 25 Apr 2024 15:03:23 GMT
3f0105fd_photo0_190.jpg
ultrasurfing.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/3f0105fd_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6612a6c310f563ab7c444bdd6d932f6411d2c6891629e97ec3dab9dc601914c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Apr 2023 15:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644942c5-2241"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieaNtYPxrNFA9mAb5m8s9rEYuPiY9472aYjjuItViC9AtiQyy8%2FokEYchAvSm3VV5qQ0TVxPJi1oDdUPeZwD1DqxrAfoiEFWQ%2FwEOfh52IwLLQv3UK6TOAW1in0Nm9x9YpkV7NuyCksuOpBMOxbS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658a83602-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8769
expires
Thu, 25 Apr 2024 15:27:26 GMT
adc4db97_photo0_190.jpg
ultrasurfing.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/adc4db97_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3585215ed1585561f0fb04e9b8a7b4df5a10a5f00cf534ed54ab1260e4ff397a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41641
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5563
cf-bgj
h2pri
last-modified
Wed, 26 Apr 2023 03:51:01 GMT
server
cloudflare
etag
"64489fa5-15bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmotppQGSe%2FC3mSBuTVYXWFkHrLPrOVnxVoJcoWTmuLSSZZcAOaqNMsGYA0aZfyi8rHiS9SV1HQDhzS4WcYyzNSrmY1KM21agBr4iXD5ZOMsZA5%2FCrUI6wKWzBX%2F7sx22aZaOWkGCN0ljZjs0NY3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658a93602-FRA
expires
Thu, 25 Apr 2024 03:53:24 GMT
5c3a0a5a_photo0_190.jpg
ultrasurfing.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/5c3a0a5a_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3485515d5d7e4754cf55ff54925c790e2e1ed3929c060dd284d670ac5fa5d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6180
cf-bgj
h2pri
last-modified
Wed, 26 Apr 2023 13:57:03 GMT
server
cloudflare
etag
"64492daf-1824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIpKC%2BToltdAVxBf6XczxtedMuyO1ZsJKn7xEQUUwwX1QNpGxZ79px9SiXE%2FUhxasEFpRZxLwk%2BghUi%2FFHHll5fe0TY9HlLJ4d2gyvgtoHBthS3WN29yt2b%2B3Xt9MTLv0vnBPwrPyVhT%2B9Fq1lls"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658aa3602-FRA
expires
Thu, 25 Apr 2024 13:59:50 GMT
3650d2e5_photo0_190.jpg
ultrasurfing.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/3650d2e5_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e28f3095ab6a6d38a22dd1d9beb0bfab87586ecfb247852cd7ecaeeba26855f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4378
cf-bgj
h2pri
last-modified
Wed, 26 Apr 2023 15:00:04 GMT
server
cloudflare
etag
"64493c74-111a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iHir0lMKnClWz5R3CY9g93RCCXsk8XEjQ95%2F4eRik2KV1AKdQ6jd5UvItWbgVFKjJsZkpfDpiL5PoHxILioc3iM%2B4whej46Wd6hOam2BPv4HHdtVf%2F2gkhXp8L1uuRf2H85Nu9v3i5qerBYHZmY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658ac3602-FRA
expires
Thu, 25 Apr 2024 15:00:17 GMT
6d7356cb_photo0_190.jpg
ultrasurfing.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/6d7356cb_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c71b45ebd7b1409bdc6c7d72f808ea2a3db88e615613d9d9be64aea51336f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1625
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6820
cf-bgj
h2pri
last-modified
Wed, 26 Apr 2023 15:00:04 GMT
server
cloudflare
etag
"64493c74-1aa4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3rgWT%2B6PlXIGFPkLOaLUc9uom1nehdctfJ69M%2FUH6nyOXHjtls4Q9p47fU1MdrFyIGBCTtAz1YxlFJU0wImPxH3b7pyoRHigjetND3Oa4qLppeD5Ldo9UtWChbmD6LkMMRHP5fkvTCGSVq563dW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658ad3602-FRA
expires
Thu, 25 Apr 2024 15:00:21 GMT
dae477db_photo0_190.jpg
ultrasurfing.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/images/dae477db_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5056a174256e4327365e990497213f4f7b514087e58ca4d36a59cdabb4d8495

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4488
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8190
cf-bgj
h2pri
last-modified
Wed, 26 Apr 2023 14:12:05 GMT
server
cloudflare
etag
"64493135-1ffe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PGp7js5JCsCRCSLHlS38WmIulJjAsqQZ92zz5ZZ%2F07jkw%2F%2FyVoygGAFgOcW8pc8Pu9QCZrfBty8qk0OmQuuXdJ6%2FCGl94JF0pvo77mJL17%2BghcVddlAYUBY7LyahqFm%2BtLimCkuDY0yejZ5E689"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658af3602-FRA
expires
Thu, 25 Apr 2024 14:12:38 GMT
rocket-loader.min.js
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Apr 2023 12:39:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6442841a-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3BJGcVf%2BWcz6kq%2BwIb9kivZWje4pKTuzGvEK%2BBf%2FEGHiFNKdGFu6R869Psm9vdXmxKj9O0VXczjAD%2F8tGuZpbCqWvaQoRo0c77p3WeUrETTPcR%2BXqz1QEoiOXFRXSQDgBkKTT4hIjv6p%2FWSzLbv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bdfd98658b03602-FRA
expires
Fri, 28 Apr 2023 15:27:25 GMT
bg_header.png
ultrasurfing.com/img/ 		230 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/img/bg_header.png
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1677426
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
230
last-modified
Thu, 29 Oct 2020 06:32:21 GMT
server
cloudflare
etag
"5f9a61f5-e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZKPBRxDCvnREd7rPMzs1nCC6AxhizaldfVuCa2vg4sQfg5%2BE1ujwSFnTKz3TsyCL3B3DdPVGpPogarDq%2Boh8SWbbiM3BY1y8U2PDSTZk28FGoJqI2cQO%2FR4JwDPF8CCOeeykqoDnFxT1JEivtxE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658b13602-FRA
expires
Sat, 06 Apr 2024 05:30:23 GMT
logo-new.png
ultrasurfing.com/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/img/logo-new.png
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7316
last-modified
Thu, 29 Oct 2020 06:32:21 GMT
server
cloudflare
etag
"5f9a61f5-1c94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q739xck4PRNiNHOU75Eti07QWpI4WfLJa7f2MG05QcJicDktKI7DdBfitvOvn4q961e35dcTw4TXbAEi524nT9R%2B0QQu%2FI2hB8DoFgbhQ2Zb5ghLJ4Zg1GqBfa0PCpq42m68SAiVC5XiR4gJCWAj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658b43602-FRA
expires
Thu, 25 Apr 2024 11:16:31 GMT
bg_nav.png
ultrasurfing.com/img/ 		175 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ultrasurfing.com/img/bg_nav.png
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/css/style1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7290951
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
175
last-modified
Thu, 29 Oct 2020 06:32:21 GMT
server
cloudflare
etag
"5f9a61f5-af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkwcXgQ5JFVAL0E6csnsHhvUHFyJKC9sheyRF77zwokf5retEpkPrJsmoo7UtItKRI2%2BpTm6dmijbAq3BZ%2B2jk0ygvrd1%2FR2eJlFGul9Ugqi92BUtbRMxJec0OfJvjoVcYkXeF7FVTmMZ4EPtdvs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7bdfd98658b53602-FRA
expires
Thu, 01 Feb 2024 06:11:34 GMT
aaw.ultrasurfing.js
increaserev.com/ads/ob/tage/ 		578 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c124e366c0dc7e592611ed32e0d9428fec59c6b68f9ee4663deb704d07ef3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1694
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 12:57:37 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UTOm47wm86%2BkeizuuPGWqKlNAurzlVz9z6l6EITAGkEiJuVqzHQdP6ehZ2jX7H5HnRJSxN79gktuq06sqNL3mxL71y%2FbD11EWj9Mrn9aklHhxNu5ptNyNnDQrZYSq0UFDPK4lbqSJRcqCtz2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
7bdfd986bc81695b-FRA
access-control-allow-headers
origin, x-requested-with, content-type
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12ecc52fd6663a3a493262010b9d602b8e569698181883f3263558428b2b2e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79385
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Apr 2023 15:27:25 GMT
loader.js
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 		400 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd739bc897e859fa14dcc28daf0839a574845b74c51552e9ec5015e276553b3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
fqOs6inf.KUwqSx9k3VwFmgAY9UCpXJE
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:25 GMT
x-amz-request-id
7FAZMH3XBZP4SAKA
age
17
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
47234
x-amz-id-2
+Bkn4oK+ngRPHIZeWp/JHk2J7+CkuEmTN3osT8+rEr3p2jJbhOeZsuKwOYXzvrd3bXEAgH+QP6g=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 23 Apr 2023 10:09:34 GMT
server
AmazonS3
x-timer
S1682522846.813296,VS0,VE1
etag
"e29cc4bc3cda431a7a340a7751c2057a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		210 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dda04ba13ec4ea2c1b960b15b6cfe3f6345035db5628327534d910437cd66c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69140
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Apr 2023 15:27:25 GMT
/
cat2.hbwrapper.com/ 		15 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat2.hbwrapper.com/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.183.18.251 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture2.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ultrasurfing.com
Date
Wed, 26 Apr 2023 15:27:26 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		332 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6d6e164cf91eb1f3937698b3030d2c276f54a95dd43149a16f0d106804f943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7bdfd98a8fac3721-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a7deb941ed6f277e58037600eec4ed6dbc40d122f49a327d44f618396476e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25002
x-xss-protection
0
server
cafe
etag
287 / 19473 / 31074121 / config-hash: 3496528444417690014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 15:27:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		226 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:09:53 GMT
content-encoding
gzip
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1053
x-amz-server-side-encryption
AES256
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
kaCAuaGvOTWfuE9SGl86fGYQ0CZUQ506C6tuuKLfD79ixvcZsRr-ZA==
gtm.js
www.googletagmanager.com/ 		171 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d53993eef40ce4e4dbfdfc79cbf4a2c6c2d28f78e3085e9f1ceef5b5eedbba6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60055
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Apr 2023 15:27:25 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a4a52c8b60154236feb7a6a746d274bbbe19bacfe68ff46dc973728778d4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41192
x-jsd-version
1.0.1685
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4572-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"634-u0JbiDtVdqjnPn9G7OxTL0QXlAc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9NXs%2FcJnoSFwIg4T4s2FH5r%2B6Lm2LUyMnIvLeo7PhVgocqgsnJUHsIkNspw5diw5i4OvB873uWqgZehVitKAqCDteYcQ5CgD9GP9Bv0hBA6GeS9dGQc4ThjjAkkkXyNnylTl0SNLfc2ugmyOhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bdfd98aa9cc5c8c-FRA
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je34j0&_p=609645461&_gaz=1&cid=642455925.1682522846&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682522845&sct=1&seg=0&dl=https%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=642455925.1682522846&gtm=45je34j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=642455925.1682522846&gtm=45je34j0&aip=1&z=1363901606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f
fid.agkn.com/ 		0
0
impl.20230420-9-RELEASE.js
cdn.taboola.com/libtrc/ 		758 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
efda14f9011083c35c05e555316dd820de6d3a8b244ee5a6ae61db3ef422cb34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
.tlcNUTfcK_q8X.88h5br8h4AJxw7KuD
content-encoding
br
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:25 GMT
x-amz-request-id
6WXZ6RSFR332P75D
age
12809
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
161471
x-amz-id-2
Bgx/UGkK8afQpBV+pGT3Tg+PHxN3lwCwtOZfW78BVdbbhRStS7cvSrXxgyfVPZxRbcLOW51TBTU=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Thu, 20 Apr 2023 11:35:44 GMT
server
AmazonS3-br
x-timer
S1682522846.899285,VS0,VE0
etag
"a5a53d147e9bb0aead6b03509cc4862d"
vary
Accept-Encoding
content-type
application/javascript
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8165
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 05:40:26 GMT
content-encoding
gzip
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
35219
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
3Ug2C4rD3yezblvCJbskTX1P73CHT8C9VGnr8nOSuxvwSQGSeLQPOw==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:01:11 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
1573
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2326
x-amz-cf-id
wCPTTNkWytHZ7ZvbuUwLTLLOymGmsOO8N0FebNuKtWwYjXzbLhl2Ug==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
date
Wed, 26 Apr 2023 10:31:25 GMT
x-amz-cf-pop
FRA56-P6
age
17761
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PUtf9EATmXvskQ3g8QLj3Oklax3oj5TsTytnXXdvoK6o4arjn01f1w==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 03 May 2023 15:27:26 GMT
adapex.js
c.neodatagroup.com/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.neodatagroup.com/adapex.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
625b9b9cdd68df14735c330ffe2c474045bb3f778b09909a691fe47e9408e0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
content-md5
zE8qb52xSSzACbS5cym5mQ==
age
7187
x-cache
HIT
content-length
9311
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 20 Apr 2023 19:23:05 GMT
server
ECAcc (ama/48BB)
etag
"0x8DB41D4AAEB2322+gzip"
vary
Accept-Encoding
content-type
text/javascript
x-ms-request-id
15a51104-001e-0031-5042-780b19000000
cache-control
max-age=7200
x-ms-version
2014-02-14
expires
Wed, 26 Apr 2023 17:27:26 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ultrasurfing.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 26 Apr 2023 15:27:26 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fultrasurfing.com%2F&pid=EBRCENlb9dZ3n&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%2204f7b000-bdac-40c7-94e1-86c6e52bd04d%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%221b6ed0ba-f042-42d5-ae47-05a1398db944%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%223c119746-16d3-4347-9c3a-efe07bd60285%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.247.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-247-205.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
DYH0VD6R4D6WK9KRN0XP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ultrasurfing.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
jNZMZe7FkCkElyioN7QeNcVvKUfWAlBi3t7a6JhwgtO-zmDWIiT1ag==
gcid_s.min.js
p.gcprivacy.com/t/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 04:14:31 GMT
x-amz-version-id
jt4ZnrYXxK0Tc9o56lUGTSds0r80tPTc
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 13:48:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
40376
etag
"dac6676675972d00f4ec994de0578005"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9500
x-amz-cf-id
Td9jV2aYr6_MfEpYoCF-2swnlm9ulRRX87Eh6aZvlZIKNQ3ukw1GpQ==
prebid
ib.adnxs.com/openrtb2/ 		71 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
dfee792e4ce75d18128e0b0ce17ee76873564b878be701e6a54f8022a0164180
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:26 GMT
x-openrtb-version
2.4
AN-X-Request-Uuid
02a473d1-a82c-47a7-b0bc-c8998a88f23e
Server
nginx/1.23.2
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
71
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
058aee0d433f6f58a2ad55cc56e4af02de92f496136ec43e149e7cc3da46ad4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Apr 2023 15:27:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
687896b2-cb10-45eb-99e8-6a0d885b9c34
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ads.yieldmo.com/exchange/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.43.0&p=%5B%7B%22placement_id%22%3A%2204f7b000-bdac-40c7-94e1-86c6e52bd04d%22%2C%22callback_id%22%3A%225349c04c0e1eaff%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%22914dd4ed-71cc-47aa-9a57-fea9c3f7e185%22%2C%22auctionId%22%3A%2211f04bbd-6e10-4a19-84ab-496325bbfcab%22%7D%2C%7B%22placement_id%22%3A%221b6ed0ba-f042-42d5-ae47-05a1398db944%22%2C%22callback_id%22%3A%2254d9e62f3507a6b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%22d63d88b6-b9cc-4755-b7d1-69729acb1088%22%2C%22auctionId%22%3A%2211f04bbd-6e10-4a19-84ab-496325bbfcab%22%7D%2C%7B%22placement_id%22%3A%223c119746-16d3-4347-9c3a-efe07bd60285%22%2C%22callback_id%22%3A%225573e6edc7818db%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%22ec7611c0-0308-4251-9f3a-b8803dac25ba%22%2C%22auctionId%22%3A%2211f04bbd-6e10-4a19-84ab-496325bbfcab%22%7D%5D&page_url=https%3A%2F%2Fultrasurfing.com%2F&bust=1682522846011&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=e6c24795-82a0-47cf-a73d-50d5054255a7&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e6c24795-82a0-47cf-a73d-50d5054255a7%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.176.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-176-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ 		95 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.43.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
06bc438a81432f207bd95969cb0c301ffe06acee4c9c8873bfb8ac1e6508b8cc

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Apr 2023 15:27:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ultrasurfing.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.204.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-204-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d96892632d08aec3ffa5fb2154605fd8c86ddb6c27c9b442568910de1bd2d2ab

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=930331
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcfd73cb098ba03e6658ea7a0ed7a9e48a4095a00c0f31856be695790d008a86

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp2yStiR3aDoSVJE%2FSyKXN4LtGXexsxrkE4LOocDV1mgNA3TJ4ZsxwS3%2F5tm2rSnwJ6niKPfrXYTYIMN1d30rOGg8%2FhJK3GoGKsEpo1C%2BoNti9HaE%2Bb3UeX5aD58hhkwo0Nm9Mev"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bdfd98bfb233a66-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
/
ghb.adtelligent.com/v2/auction/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4dcf7bf96bafab40e9e703839a4ddd4774fa034484c44cff3ce86784ac8014fb

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Apr 2023 15:27:25 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ultrasurfing.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
781
auction
tlx.3lift.com/header/ 		19 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.43.0&referrer=https%3A%2F%2Fultrasurfing.com%2F&tmax=2000
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.123.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-123-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
rt.marphezis.com/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:26 GMT
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		432 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=e6c24795-82a0-47cf-a73d-50d5054255a7%5E1&rf=https%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=https%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.43.0&x_source.tid=914dd4ed-71cc-47aa-9a57-fea9c3f7e185&l_pb_bid_id=934018dc98bf92b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.2558491656706021
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b38620ced16aae7fefef845e09c4d3d28a82767a09c84ff0ffb8a25684fc9423

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
432
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		430 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=e6c24795-82a0-47cf-a73d-50d5054255a7%5E1&rf=https%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=https%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.43.0&x_source.tid=d63d88b6-b9cc-4755-b7d1-69729acb1088&l_pb_bid_id=947bd75324f2be9&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.9209858876851453
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c3e706df43bf901eabf8db82db70740c2fe4ad822be22704fc843d4da1c168d

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
430
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		428 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=e6c24795-82a0-47cf-a73d-50d5054255a7%5E1&rf=https%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=https%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.43.0&x_source.tid=ec7611c0-0308-4251-9f3a-b8803dac25ba&l_pb_bid_id=958f387f69efda5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.6433987682966267
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
871aaf59f93f50472669f834cb35fe989e6fdba2af2100421fc7eb41662faca1

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
428
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ultrasurfing.com
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dfe8df7b2ae96d2b873b642de61228f01d3744b4ce8d6c945767ed17b01ec871

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 26 Apr 2023 15:27:26 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 26 Apr 2023 15:42:26 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 03:54:16 GMT
content-encoding
gzip
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
47035
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LuSPAseQJ-VJvDBR1NkpgYvDY1clYa2MImP2SPhP5jbKOmKo5NYMfA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
1343
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7bdfd98bfaf59231-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
7J1ZBJQEC20982QY
age
787
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bdfd98bfc732bd2-FRA
x-amz-id-2
+4Dx60E5SAqs6oopIRTZYwhldTclA86tA+vHtGZXqs18FDuPJPZLVNBV/seDTxspzHltv8ZWYoU=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.239.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-239-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 26 Apr 2023 15:27:26 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.239.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-239-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 15:27:26 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 07:27:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
28773
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126587
x-xss-protection
0
server
cafe
etag
1883905843074567667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 25 Apr 2024 07:27:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78b5554ffee8199f335a221aa1db632e2056c8459c21cebc9b05ed8a7474ae89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
642
x-xss-protection
0
expires
Wed, 26 Apr 2023 15:27:26 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
332366
expires
60
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 		83 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=15%3A27%3A26.076&lti=deflated&data=%7B%22id%22%3A191%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1682244570109%2C%22vi%22%3A1682522846072%2C%22cv%22%3A%2220230420-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1505%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A105%2C%22mw%22%3A950%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1406.5%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A120%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d61cc90311624aa6eb2e0a2ec930b8dcebe7209a54973d30fdb2c65f24389be6

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
847
date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522846.123732,VS0,VE847
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682522846077&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
6fA33x9_m-mEcX_dUuFjrGVE2fP_RMDZ-TOuDVD6rqVHoEmm8eYmpg==
x-cache
Miss from cloudfront
sync
p2.gcprivacy.com/v2/ 		155 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=e6c24795-82a0-47cf-a73d-50d5054255a7&u=https%3A%2F%2Fultrasurfing.com%2F&h=ultrasurfing.com&ref=
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.8.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-8-5.compute-1.amazonaws.com
Software
/
Resource Hash
8ee0e1a8b8cc7207cec63ddd79fd7d5d4495fc013cba0c86c341d98d99e35177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
155
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:01:32 GMT
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
1555
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
lvEmYOZ8bERnM_aQPGo5ka01UdoNKyJtLQ-7WGmn4Rroh2R-AEFY_A==
topics_2033.html
c.neodatagroup.com/ Frame B15D 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.neodatagroup.com/topics_2033.html
Requested by
Host: c.neodatagroup.com
URL: https://c.neodatagroup.com/adapex.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F8) /
Resource Hash
8b7d4053f086fded20ae136d33ba39e202e50c0aa31ec8be2d26ab09bbed3a37

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7155
cache-control
max-age=7200
content-encoding
gzip
content-length
987
content-md5
O+VB56FtXpjLcv9ioTg8/Q==
content-type
text/html
date
Wed, 26 Apr 2023 15:27:26 GMT
etag
"0x8DAF971781EF9C3+gzip"
expires
Wed, 26 Apr 2023 17:27:26 GMT
last-modified
Wed, 18 Jan 2023 16:31:36 GMT
server
ECAcc (ama/48F8)
vary
Accept-Encoding
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
fd473cae-401e-0050-5042-784fc6000000
x-ms-version
2014-02-14
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.3.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-3-66.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ecb95d9a3c9c714f88e12c660934b37923b3ac107aa764a50b27ccb462808b2f

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache
x-server
10.45.9.8
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ 		101 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=https://ultrasurfing.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3b8b373035174d6b983146e654d9a55a5607568032335bf109eb0db2344c71

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7bdfd98e0a8368f8-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7bdfd98d69da68f8-FRA
content-length
0
content-type
application/json
date
Wed, 26 Apr 2023 15:27:26 GMT
debug
OPTIONS block
expires
Thu, 25 Apr 2024 15:27:26 GMT
server
cloudflare
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
78234fc21525cd9c36dcfa91e415e49c89e76cb5589c1365cae8adfd0eeb1fe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel;r=1305712181;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-1563989890-1682522846094;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;re...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1305712181;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-1563989890-1682522846094;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=0;et=1682522846288;tzo=0;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F1d9d9d1_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=7800c945-9dea-4903-9c52-673583e9fecf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
579.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a28b704336e7739937e95d7589d7eaff57aefc82a5a5f97fab031e99f9d47da6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
405
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5fa854273f3c824649ec9ff14a3f389cea08b5334699aa7b98f82770754b34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Apr 2023 15:25:43 GMT
server
cloudflare
age
103
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7bdfd98f2f92038e-FRA
hourlystat
tempnextstat.bcovery.com/ 		1 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempnextstat.bcovery.com/hourlystat
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 15:27:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
hourlystat
tempnextstat.bcovery.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tempnextstat.bcovery.com/hourlystat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 26 Apr 2023 15:27:26 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 26 Apr 2023 15:27:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
248086
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.43.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
257025
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8cf696286a0c5b6d7342984e3207fef64061a8c6ef1ade7ee33c93d33e0369f

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7bdfd9905d3768f8-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		50 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.141.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-141-61.compute-1.amazonaws.com
Software
/
Resource Hash
4a4d966d833320a09fa26eaa74e0cac48b0521887dfa620e641460e211947c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
content-type
application/json
access-control-allow-origin
https://ultrasurfing.com
access-control-allow-credentials
true
trace-id
0b2528cac83da29b
content-length
50
expires
Thu, 27 Apr 2023 15:27:27 GMT
id
id.crwdcntrl.net/ 		43 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.220.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-220-178.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache
x-server
10.45.0.173
access-control-allow-credentials
true
content-length
43
expires
0
fpc
at.teads.tv/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:26 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 26 Apr 2023 15:27:26 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1155236521968776&correlator=2697724884695284&eid=31074121%2C44780988%2C21065725&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=63753022%2C3365800529%2C1651587589&didk=4014093631~755339576~1578837481&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.01%26hb_adid%3D10923c36503611c8%26hb_bidder%3Dappnexus%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D1109a4302444e2e2%26hb_bidder%3Dappnexus%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1000%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26fabrickIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D800%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=1&cookie_enabled=1&abxe=1&dt=1682522846922&lmt=1682522846&dlt=1682522845155&idt=1047&adxs=325%2C436%2C975&adys=120%2C1441%2C120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x1440%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=642455925.1682522846&ga_sid=1682522847&ga_hid=609645461&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16e7c8eaa15beb0a7ec9da0edf88dd933faa6326f2d3e4deb7cde6b5540e5836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20048
x-xss-protection
0
google-lineitem-id
5182049880,5182049880,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138288886492,138288886495,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a8131ee16ef4cdb74cfeae84b098245144fca19b0891c6be1fe8944a5857a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11135
x-xss-protection
0
container.html
b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5257 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 15:27:27 GMT
expires
Thu, 25 Apr 2024 15:27:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
floating-unit.20230420-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230420-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f14e22ef2cd3eacc2b32c28de58341e1ea4ce11f1e2081c47976fca72ee9f5a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BP1CN2p7I_pLZbtbxRL3sl.5.LyKPf1Z
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:27 GMT
x-amz-request-id
B10BQS9FQ07NMQ9C
age
280395
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
uVU1enD0PJqnTFZl5wTRi02TrB2ciWCTr9R8BwZEmPY2c0xZTDs7nRJ1iudz7+L2z1nue1hdsC0=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 23 Apr 2023 09:34:13 GMT
server
AmazonS3
x-timer
S1682522847.087421,VS0,VE0
etag
"27f6f366084e7d8f2070da9fe0bc5017"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1305
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.9/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
4512157
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
30995
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 05 Mar 2023 10:04:45 GMT
server
AmazonS3
x-timer
S1682522847.088003,VS0,VE0
etag
"c04a240008c67910556582d1bf159ad7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hb8k5qTx84vjvnZKLEByyGLQ8mj--ue9G2l1Fxf9ze3Xeud14VgcLA==
x-cache-hits
40098
feed-card-placeholder.20230420-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230420-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27269163d9924bcc1dfaaa4978d36bfcf6c07ef09d09ac020f7001186d4cdce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
dWD2M2Fw2oj8kvR2tvKNSb7XlKH7Hq51
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:27 GMT
x-amz-request-id
DAYAMXHBCHVH2953
age
280399
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
L0RClO4rJHaWpf/oAQ/IrEEfduSw/P4/ljZpZh7nUIDpj6b/0uOjp2cx5hdbr8Bsm9Zk56FjAEo=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 23 Apr 2023 09:34:08 GMT
server
AmazonS3
x-timer
S1682522847.087386,VS0,VE0
etag
"6ab6434fdb87cbf9a73254806f10b74e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
28506
cta-component.20230420-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230420-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efa038922b937b6e718c218697cc12660061146cec46deeeeb11ef52526d2ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
oBGyBfiDNBiKrw84iR0vTMJ_hMr6_n.s
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:27 GMT
x-amz-request-id
5FR0PBK85Q4R703P
age
280405
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4738
x-amz-id-2
kgy5Z25nICKOIhmXqkY29TRypG339IaXTLW4QoL90gTMDreJLO386rKvSkp6BjecqUdN1DvHHLE=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 23 Apr 2023 09:34:02 GMT
server
AmazonS3
x-timer
S1682522847.105737,VS0,VE0
etag
"21e9467483a3b67172a21bfce7d8c883"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
39392
userx.20230420-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230420-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
621c250c36bd0082a54d3a22cf4a63df58a400f0cfa95db822fc3f69a137c4f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
l7k1vezCd_HV5oRWOdCx0djjiPK8hxAu
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:27 GMT
x-amz-request-id
PN6YD703E9NP4ARN
age
280373
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
sPZPMal6a8B2W9H9SRsT4MC9U8QLUwLZL43Pb39J6kwb6PsSTOVwCfXDRSulBDmq19J4uoUN038=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 23 Apr 2023 09:34:34 GMT
server
AmazonS3
x-timer
S1682522847.105119,VS0,VE0
etag
"db9f6a48d984dce74772ce98f1168668"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10906
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:27 GMT
x-amz-request-id
TVRHNHYBPQ9HMG0X
age
118
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1682522847.164892,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
31
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
171
abtests
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
333 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1682522847176%7D&tim=15%3A27%3A27.177&id=2664&llvl=2&ri=c5c54bd8d3289418ed1a09b485cfda66&sd=v2_bd71173f20988df7c1db47b4976543fa_1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e_1682522846_1682522846_CIi3jgYQ8-NDGPjmtPH7MCABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABowPup8duG3vbwAXAA&ui=1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e&pi=/&wi=-1709852854480885386&pt=home&vi=1682522846072&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522847.182543,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=15%3A27%3A27.060&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=1777&cv=20230420-9-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15861
supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=c5c54bd8d3289418ed1a09b485cfda66&sd=v2_bd71173f20988df7c1db47b4976543fa_1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e_1682522846_1682522846_CIi3jgYQ8-NDGPjmtPH7MCABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABowPup8duG3vbwAXAA&ui=1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e&pi=/&wi=-1709852854480885386&pt=home&vi=1682522846072&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A27%3A27.076&id=7187&llvl=2&cv=20230420-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c5c54bd8d3289418ed1a09b485cfda66&sd=v2_bd71173f20988df7c1db47b4976543fa_1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e_1682522846_1682522846_CIi3jgYQ8-NDGPjmtPH7MCABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABowPup8duG3vbwAXAA&ui=1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e&pi=/&wi=-1709852854480885386&pt=home&vi=1682522846072&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1682522847092%7D&tim=15%3A27%3A27.092&id=5020&llvl=2&cv=20230420-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=15%3A27%3A27.170&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=4246&cv=20230420-9-RELEASE&lt=deflated&idx=pc&pc=split-1&st=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12884
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
529adb1534eb382ac40ad2f5d22aeff9c8470095a668b344f5c71e8696c412f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 15:27:27 GMT
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 		34 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=15%3A27%3A27.217&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A739%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_bd71173f20988df7c1db47b4976543fa_1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e_1682522846_1682522846_CIi3jgYQ8-NDGPjmtPH7MCABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABowPup8duG3vbwAXAA%22%2C%22ui%22%3A%221d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e%22%2C%22uifp%22%3A%221d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e%22%2C%22lbt%22%3A1682244570109%2C%22vi%22%3A1682522846072%2C%22cv%22%3A%2220230420-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3259%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1174.125%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc34e253dc12a544a6f1d3a2be1e881dffa34f5a35b4a2028f84cb819ffc2753

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
673
date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522847.223299,VS0,VE673
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
B29577490.362891373;dc_pre=CN61jYXux_4CFQeK_QcdFREBkw;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CN61jYXux_4CFQeK_QcdFREBkw;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CN61jYXux_4CFQeK_QcdFREBkw;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Protocol
H2
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CN61jYXux_4CFQeK_QcdFREBkw;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
81cd902f44290fa21c94336acd125ceb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81cd902f44290fa21c94336acd125ceb.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d552536a5a0578b138ae9773acf8151f5fd1506011d3183a11c41b1fa14ef4a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81cd902f44290fa21c94336acd125ceb.jpeg
age
1901630
edge-cache-tag
618343512828303277831119838914524510883,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
618343512828303277831119838914524510883,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.espncricinfo.com/
content-length
17294
x-request-id
4646e7bce78eb5a6416a53e5b07872af
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100036-IAD, cache-iad-kiad7000159-IAD, cache-lax10669-LGB, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 02 Apr 2023 09:52:59 GMT
server
nginx
x-timer
S1682522847.242569,VS0,VE2
etag
"cf497c858348367f9c8bcd1bd78f426e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 58, 1
ce56b9d5a9f283688bb68420c564261e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce56b9d5a9f283688bb68420c564261e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f04b202d12ead4c234e761959a8880533c9d444447c8f5bcf49c266856cdb449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce56b9d5a9f283688bb68420c564261e.png
age
3028624
edge-cache-tag
630361108700058191392641690462288652419,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
630361108700058191392641690462288652419,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
28
expiration
expiry-date="Wed, 05 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://poshland.com/
content-length
17966
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000042-IAD, cache-iad-kcgs7200027-IAD, cache-chi-kigq8000029-CHI, cache-iad-kiad7000135-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 05 Mar 2023 07:43:46 GMT
server
nginx
x-timer
S1682522847.242601,VS0,VE1
etag
"dc1e6c166949e5c3f65ebb75b3f4df0d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 56, 1
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
4201746
edge-cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
114
expiration
expiry-date="Fri, 10 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/langue-francaise/expressions-francaises/a-nouveau-ou-de-nouveau-ne-faites-plus-la-faute-20190916
content-length
24876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000174-IAD, cache-iad-kjyo7100087-IAD, cache-sna10750-LGB, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 07 Feb 2023 04:05:42 GMT
server
nginx
x-timer
S1682522847.242685,VS0,VE1
etag
"f5287609d11c2dc6fa654bfe36da9765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 567, 1
567a79e4b254dbd49ad8440cdff6d5d2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/567a79e4b254dbd49ad8440cdff6d5d2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
440186869a970b061b2e8fdfeaebafbf74de87ab49beed47cc37ee8bd973e781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/567a79e4b254dbd49ad8440cdff6d5d2.jpg
age
2383625
edge-cache-tag
589053804136251633204052908596272210960,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
589053804136251633204052908596272210960,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
97
expiration
expiry-date="Wed, 19 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cnbc.com/
content-length
5958
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kiad7000175-IAD, cache-chi-klot8100111-CHI, cache-iad-kiad7000107-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 19 Mar 2023 23:49:18 GMT
server
nginx
x-timer
S1682522847.243086,VS0,VE1
etag
"cbe694532f76d85237edeb336af0d765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 40, 1
1da7dc15a4717e5fab05dc223d2bbe12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da7dc15a4717e5fab05dc223d2bbe12.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb1a29e29a407b237cc690a296b466c5a67a8448aba71ccff1d9afee6e056927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da7dc15a4717e5fab05dc223d2bbe12.jpg
age
1018353
edge-cache-tag
295878447785324548960341949178826670647,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
295878447785324548960341949178826670647,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
235
req-referer
https://www.expressandstar.com/
content-length
61452
x-request-id
11a70bf1ec8191ce92794ccbe7fc1edd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000177-IAD, cache-iad-kjyo7100087-IAD, cache-chi-kigq8000161-CHI, cache-iad-kjyo7100136-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 14 Apr 2023 14:06:08 GMT
server
nginx
x-timer
S1682522847.266660,VS0,VE0
etag
"b09bb936339129ca9ef22b3c015cefac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 160, 7
pv
tra.neodatagroup.com/
Redirect Chain
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1517244135435&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@...
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=1517244135435&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@...
232 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.neodatagroup.com/pv?sid=2033&rnd=1517244135435&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&pbs=true&neoid=30f7c5a70f40592
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e891bcae779b03f19df737dc234750481d3f4eaf29de50135f760b5b5f9ac27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive

Redirect headers

Access-Control-Allow-Origin
*
Location
/pv?sid=2033&rnd=1517244135435&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=https%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&pbs=true&neoid=30f7c5a70f40592
Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
js
pixel.mathtag.com/sync/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435
Requested by
Host: c.neodatagroup.com
URL: https://c.neodatagroup.com/adapex.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master cdg-pixel-x30 config_version:"unknown" /
Resource Hash
37e8d7628f918af28715ed00e4af2f20473b925edca385179d7294d3d6e512c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Server
MT3 830 785530e master cdg-pixel-x30 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1567
Expires
Wed, 26 Apr 2023 15:27:26 GMT
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1517244135435
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=4879352085120318172&rt=img&rnd=1517244135435
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=4879352085120318172&rt=img&rnd=1517244135435&neoid=30f7c5a719205a9
1 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=4879352085120318172&rt=img&rnd=1517244135435&neoid=30f7c5a719205a9
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin
*
Location
/cm?sid=1&pv=APN&eid=4879352085120318172&rt=img&rnd=1517244135435&neoid=30f7c5a719205a9
Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1517244135435
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=1517244135435&google_tc=
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1517244135435&google_gid=CAESENE7axbGGr371SgBgQ1dvG4&google_cver=1
1 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1517244135435&google_gid=CAESENE7axbGGr371SgBgQ1dvG4&google_cver=1
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1517244135435&google_gid=CAESENE7axbGGr371SgBgQ1dvG4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cms
ups.analytics.yahoo.com/ups/58681/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=1517244135435
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1517244135435
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1517244135435
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1517244135435
content-type
text/html
cache-control
no-store
content-length
369
32103b91d1920348ec34d70d1fd1ca07.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32103b91d1920348ec34d70d1fd1ca07.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14e1bc83600a94c60d4b4aa7f807e6bf1fc9f1bc7cc55e7b06e49d1debf85ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32103b91d1920348ec34d70d1fd1ca07.jpg
age
1114457
edge-cache-tag
543186543935300341624144917515188807761,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
543186543935300341624144917515188807761,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
414
req-referer
https://tvmag.lefigaro.fr/
content-length
11864
x-request-id
e1eb272d045be4b4a8a839f4a7063135
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100049-IAD, cache-iad-kcgs7200162-IAD, cache-chi-klot8100134-CHI, cache-iad-kcgs7200112-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 05 Apr 2023 22:44:26 GMT
server
nginx
x-timer
S1682522847.292275,VS0,VE1
etag
"b8f05457f8587f184666567f318fc800"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 138, 1
ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22f0a1deaad55d20892f403df7572309e177e5a65eaad2fca1e811f3876d51b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age
1291791
edge-cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/fussball/champions-league/2023/04/ex-city-star-rosler-vor-bayern-knaller-mein-herz-schlagt-naturlich-fur-city
content-length
20332
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000093-IAD, cache-lax10643-LGB, cache-iad-kiad7000109-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 14 Mar 2023 08:24:24 GMT
server
nginx
x-timer
S1682522847.292243,VS0,VE1
etag
"9ccaa3b58f3f333af0244c3fedecaa3b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 1
49c334c86f5c1c400299db62ec4b4a48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d5852a50c137b7591dbdbf7f68d815ca95611ba16bcd2e9bb528a606835db7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
age
1134713
edge-cache-tag
385600290543437185772783954609302191142,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
385600290543437185772783954609302191142,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
155
expiration
expiry-date="Mon, 01 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.yumpu.com/
content-length
23596
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kjyo7100093-IAD, cache-lga21955-LGA, cache-iad-kiad7000111-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 31 Mar 2023 21:52:37 GMT
server
nginx
x-timer
S1682522847.312510,VS0,VE1
etag
"a88fedbc5a276d553578bfc4f57070c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 4, 1
1f946c691c3b1d990ef4f1fa50ea012d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f946c691c3b1d990ef4f1fa50ea012d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85ba0f0b13c1c263b7aca44a4e86daca19239f4b2304d878e938e6f6dacc8b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f946c691c3b1d990ef4f1fa50ea012d.jpg
age
534380
edge-cache-tag
532847368151265911324193870130858320942,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
532847368151265911324193870130858320942,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1306
req-referer
https://www.prajavani.net/
content-length
24208
x-request-id
50c2ce3e05c5451948a08722578fc3f1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000110-IAD, cache-lax10642-LGB, cache-iad-kcgs7200161-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 19 Apr 2023 17:46:25 GMT
server
nginx
x-timer
S1682522847.317761,VS0,VE1
etag
"35d71c802392c42f251d8f24f08f56f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 12, 1
d6fbf7f111fb4efa7552f3f4d34eda40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b93335d3d4d516af62f2e175bd65ebf9578e5da250938a6a79137889f0c65439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
age
2580781
edge-cache-tag
573200521614995317052826837515243108417,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
573200521614995317052826837515243108417,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
257
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.internetradio-horen.de/
content-length
12408
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000152-IAD, cache-iad-kjyo7100173-IAD, cache-lax10649-LGB, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 14 Mar 2023 08:55:42 GMT
server
nginx
x-timer
S1682522847.339374,VS0,VE1
etag
"fb2e06e74c02a7193c60105a4650a0dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 1
61459c37a5780b1bb0f5147390499050.jpg
images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
554f7c3996f6a32b41a1231672d2725dd5ca2ebde7b191caa4c59ec8eb1a440a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
age
1446002
edge-cache-tag
448172535434214216740621872852129660405,335003102500645701368672768189136159196,29ecf9b93bbf306179626feeda1fab70
cache-tag
448172535434214216740621872852129660405,335003102500645701368672768189136159196,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://d-2063538762056537762.ampproject.net/
content-length
23066
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100085-IAD, cache-lax10676-LGB, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230022-FRA
last-modified
Mon, 03 Apr 2023 00:10:42 GMT
server
nginx
x-timer
S1682522847.339523,VS0,VE1
etag
"79725deb7c1eb3de6a7e139c0dff5402"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 6, 1
717b0b912e7001cb03de7be4edb79d30.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717b0b912e7001cb03de7be4edb79d30.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9618275c88a57213b907596bfbbbe118ca15c3df8a41881b2ce151a89f92b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717b0b912e7001cb03de7be4edb79d30.png
age
2421075
edge-cache-tag
510002540753963254969836453235173843959,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
510002540753963254969836453235173843959,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Wed, 05 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://work.chron.com/
content-length
16982
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100089-IAD, cache-lga21940-LGA, cache-iad-kjyo7100039-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 05 Mar 2023 23:05:51 GMT
server
nginx
x-timer
S1682522847.362189,VS0,VE1
etag
"606edf150845afdd80c26c6a1e8e5693"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 0, 1
7d43b6efec1ad4b7e38b40912a45aab4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d43b6efec1ad4b7e38b40912a45aab4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
857ae8ee4da7314c4bb3ebf9879ac5381ee43689fa1c58ceaf54b247bf37ef28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d43b6efec1ad4b7e38b40912a45aab4.jpg
age
1113456
edge-cache-tag
479352694571834933869861490159898504596,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
479352694571834933869861490159898504596,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
376
req-referer
https://smallbusiness.chron.com/
content-length
21356
x-request-id
a2ac6cadbf2cf9aac06cb616919998d1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000154-IAD, cache-lax10625-LGB, cache-iad-kcgs7200069-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 05 Apr 2023 22:45:45 GMT
server
nginx
x-timer
S1682522847.362189,VS0,VE1
etag
"f5770fd9772a2179de3b7854d6420a1c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 46, 1
dyeznpumnterqy825quj.mp4
cdn.taboola.com/libtrc/static/video/v1678970470/ 		735 KB
735 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1678970470/dyeznpumnterqy825quj.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4da6662a5ef0005329ee61bd2c3d36000bfa5e0a40865790aafdda94a3a48564

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
3xxYZ7SOiLpbZspCjZ3fL9fv7LiGH7Y5
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish
x-amz-request-id
QBSRFR4DNC691PV4
age
45
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-752168/752169
x-amz-replication-status
COMPLETED
Content-Length
752169
x-amz-id-2
8si10oLkQZ1Gts2Y2BWQP4YW5Eh4DgDhGQyyx2AthtQ/2NFjBkX2l/Ew2Si9zwzS1iNU6vsh/UQ=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Thu, 16 Mar 2023 12:41:17 GMT
server
AmazonS3
x-timer
S1682522847.343151,VS0,VE1
etag
"40fe706ce75b262bfebef0414c0afe40"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
baulpf3dmij5y1uerueb.mp4
cdn.taboola.com/libtrc/static/video/v1681113807/ 		507 KB
507 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681113807/baulpf3dmij5y1uerueb.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f65f97a4b8df6d6298c1ce56cc871d6076f6b68b20a24393db31a5ea10a6dd58

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
p5cOGTcL9wTowwEFvXh.ny7WafXAFipS
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish
x-amz-request-id
207KK0X2MW7Y9EZ9
age
20
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-518843/518844
x-amz-replication-status
COMPLETED
Content-Length
518844
x-amz-id-2
EpCI85vX6LlNYIFcEOm0ZYua4/o0I6uBWabAP2qrdWmmiXo6d5RszMNrgcTcSCpZYuCb7GqFpZU=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 10 Apr 2023 08:03:33 GMT
server
AmazonS3
x-timer
S1682522847.358350,VS0,VE1
etag
"59b1b0c56f37187e0e97df793e187afe"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
579.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
d65087006877dc77a1a0dbad0b8670f9366a63d5fee2db704d2045d4a70ffb63
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
a7ug4dqgqsndfpdzpfnp.mp4
cdn.taboola.com/libtrc/static/video/v1681926245/ 		483 KB
484 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681926245/a7ug4dqgqsndfpdzpfnp.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f33e47e8523f2f1f5c4b387e85eb76cfe4ab8a49d0860c7eaddc85ab38898df

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
KPAAMzjNBR5jchTxB1Atw.LR2OSGuDXK
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish
x-amz-request-id
1ZZAWDEXYPB8GJFM
age
56
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-494659/494660
x-amz-replication-status
COMPLETED
Content-Length
494660
x-amz-id-2
uDJTZOreLlZgXi6DNyc/YA7Ik7TTvGfzk0iPQ0mj1VnuaO++HTu0p4GbcTH+AaXJpxmP85Kiy+U=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 19 Apr 2023 17:44:11 GMT
server
AmazonS3
x-timer
S1682522847.379076,VS0,VE1
etag
"85a10f19fee8f1271b97c4b4bee492d2"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Apr 2023 15:27:27 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 07:00:45 GMT
content-encoding
gzip
age
462402
x-guploader-uploadid
ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 20 Apr 2024 07:00:45 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27049
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTBdQWVf2w0rBgT%2Fv5kRJFSqPZGp8MtvtJqD51vaP2AeKTdinQzctLNXlep1CgYvSsiD7BOxpP6Ar5gqaPqdAbOfAbot32%2BaVD2UZ2CJFwN6IIczR6LA%2BtEGcjyp1cFR1qOX64dEywvli4Ffz00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bdfd9944ed69b86-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QMTF7Y0EQJWTVWC1
age
3472
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bdfd99438612bd2-FRA
x-amz-id-2
SeWCqnl1Kp+QuGy2EIyalJ8BkaauZ+FQHDvyvpN+WMxuOXaApqhXsz69QeQqfnfMQbX59aUJB90=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 03:48:15 GMT
content-encoding
gzip
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
41953
x-amz-server-side-encryption
AES256
etag
W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
biQ-ST1CpmRdhgmFbpCTQKeKuzToaFe8qKGzqQuSnkuvb26Oux1UHg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:f200:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:50:38 GMT
Via
1.1 5f2bb43f258333f4156847ce1f482ee6.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL50-P4
Age
45410
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
UprnftryuX5HjE15fP8WpW1e8zhXPqTIFH7Y0Ld8yjbf4WQ2QlfM3A==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0390a205adde41148772c08262a87b8b173f4d1df61e9ce323b89069827643c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:51:04 GMT
via
1.1 google
age
2183
x-guploader-uploadid
ADPycds_LzuW080Pv0MH8duUTem7FPZpuhbrKUwnH4U17ktT2YpGygAD9OvcGdBDvGzVoeQxD0oMxahNOVU3HKDL7QhouCsnZoQa
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1980
last-modified
Tue, 25 Apr 2023 13:43:05 GMT
server
UploadServer
etag
"692cc2d6f486e447021bff2a69a35f34"
x-goog-generation
1682430185162277
x-goog-hash
crc32c=dKXvLw==, md5=aSzC1vSG5EcCG/8qaaNfNA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1980
accept-ranges
bytes
expires
Wed, 26 Apr 2023 15:51:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6E9E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstWtCRx0TVbpHOSArV3wCCwN3MSRHbpcueLX3AGINMQ5xR3FrYWRexU3T6GJfaN6n8ec1XTO6eGI-Y8-jkFzEh1OBFZ2swJhSSNj5DLhyhe0jMRVLwWl1Z4Pcd7eUMfcndezU6jltv_LhKC4C_H7VWTXFr_UIdy2X98QpdYz1uAz3NDYrMAAOTPdrJX8kZxc_mSiYFXSKciGuCsURCvNWnx4AlfvO4jk4smPCvZ3Kv2I3BHNJN6k8caeFpBPFN6PuoGL2goNLQyJwTbQ8YJdP73ObmjxCAR0YahTM0P4t1tWx_5duOdKZ5zxt41quEUHS2n-xn9D-KRY9GQPdBY4-_dFLf4A&sai=AMfl-YTQTphIl19OPdZZr_HXXth5buHYP8aqSiDDuCuhrkVtcAj4xciTWwJqhp0_yH_mUrSGShVbe5oC_7Odw4N_fKz4ZOQ2kzqWEm393LGggfQBmkQhq_rLFWJU6zOzJOfUtXvQnBx_gH_Y8BuNQ1Y&sig=Cg0ArKJSzOIvC1EiemoWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 15:27:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F2CC 		273 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYxdOv5gEwAQ&v=APEucNW2phYye_T5svfH2FSTkH6trevrnj0phT77QLgPwfrwoZQeGtDZbErpNRfcSSHMvf0y3VhTkJQg5ntYHVXDyF25zhXVI9ukTQ5V0AU5ooNKZ4ZsxADHZ9S55tqlbspuC-eEdBTYp5yWeqEUb_AtD7QUmVPLsi4rb7pFpRWFecqQvO0G1fH0KBrex1ZvcWH8d5dC7JpG3G_P5atKVRhgc_vyTTsbKuqqe7UsRlnxG8FavlvbDjI
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 15:27:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6E9E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 15:27:27 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 6E9E 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-175.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27631
Expires
Thu, 25 Apr 2024 15:27:27 GMT
it
fra1-ib.adnxs.com/ Frame 6E9E 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fultrasurfing.com%252F&e=wqT_3QKsC-isBQAAAwDWAAUBCN6FpaIGEJqLk-fh9s2HWhgAKjYJflTDfk-skz8R_43Bs9Lejz8ZAAAA4FG4zj8h_w0SACkRJAAxCRuonj8wwOeTDTinPUC8CUhlUNfF4s0BWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG9CkFmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAvb_W-oCGWh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA6YHCu8GaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DY0FNSzNrSkpaTE9vQ04tRWtkVVBxOXVtOEFUc3FNV2ZjTnFwLU9QV0VQZlNvcjNBQVJBQklPYVgxaVZnbGFLU2dxQUh5QUVKcVFKd3hwTVI4SWF5UHFnREFjZ0Rtd1NxQkpVQ1Q5Q1V0OFZ4a3h2SkZtVlZDSXdQZFpEQnVYbHRCZDRCNWRwVmIyNHVDeFdZM1VFVVNYdC01YjRrQ3pJQlJ2R3Z6aW9aemFTbmJ3bG9QZFhvZlJPVjFwbGdwdGQ0czVQZEszeTJoeDJUYjRQTnpubEVzQ3VmRFhvR1FaeUhfOERUTTdDTGxZZWt6R0RrYjRhd1VuSE15bTc0YlJ2eUlsV0JRMU1BVkxTZ2w0TlA2V09Ea3JRSkE1NWZaNkRTdnVtTFVseFlEdWtha2ZKaFlyb0NaVUN0MkNQV0NHMC1uVW1DbGRvYXBwOTNfTHV3UmpVcjM3aDh3cUNiaXFBNFJXUmZvMm1uZ3NNREhuTVVhTTdvZXZTOWp6TV9uUVgySEZMQ1VHcF9TYVZtamFDbEZnVmVzTTU4Yl9RZnNVbTR4ZE00X3hCYXZxM21yWUkyOXg4LTczY25GbjV5Wml4c2tIQTFqci1PZTh2dkVDTVpkM2daMzhBRTF1cll6YUFFNEFRRGlBWEo4cktRU3BJRkJnZ2RFQVFZQVpJRkJnZ2RFQUVZQVpJRkJnZ2VFQUVZQVpBR0FhQUdkNEFIeEx5SnF3T29CNDdPRzZnSGs5Z2JxQWZ1bHJFQ3FBZi1uckVDcUFla283RUNxQWZWeVJ1b0I2YS1HOWdIQVBJSENoQ01sZ0VZeGRPdjVnSFNDQkVJZ09HQUVCQUJHRjh5QXFvQ09nS0FRUElJRG1KcFpHUmxjaTAyTkRBM01USTBnQW9FeUFzQnNCUG1xX3dTeUJQTjJJemlBOWdUQ3RnVUFkQVZBWUFYQWJJWENBb0dDQUFTQUJnQTZCY0Ymc2lnaD1jaVdHZ19STXZnRSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURLSFlfUkhkdFNBZGxFWG4yWUJleklvMDVGLU1ERGhnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2NDg5NDY2ODQzMzcyNTA0NDc0Igk0MzE1MzA3MTEqBzQxMDU5MzE6CTQ4MzEyNTcwMcADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNfF4s0BiAUBmAUAoAW82OSe7_L6wGbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW5w0_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG5EzaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwsxOTg5ODYxMjA0McgHANIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHocECiggCEACVCAAAgD-YCAE.&s=0ae9c99ab3ad733f8189db71c5be3ec8eb333753
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:27 GMT
AN-X-Request-Uuid
28bf2eeb-37b8-454a-8cd4-7c57af019c25
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E9E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHHRGdulDsssHfhJAvV7v2dkF5ADn2Rr1nzi6gAJI4GqU2-jhKBOYAGsizyrhyJTo9E1T7myBgP2D3ZYcy1dJNxJZztNXAnPD3gkcK3509TgWwTqc
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E9E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6648248110078899284&x=10&ct=119
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E9E 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 15:27:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJG_CzqmzSOUptM7u70oAYx2Odzo8NxDgzCxsOXc4767oQrLPJo-jPW0fOeJNWKP9QFhieKuOBMJJyhJjCI9bVhP20jI15k22tmDW1kuQQ4zhTzDuvEtWXi2zRHADm24XYfhr7Rh4S72acGrPjr-3srFBs8GcuL2A1OF1rnsoLckbqj1VOB8aLBi-lO-yNCZNCKzbRNi6jaB-0jRhh_BZSDFH7Am-tlzvM06s5Gk1kqkfNGBTXfE1SM-59F8iEAWyxMWOn_89-5kcsb2WncvjpqiT9dHTtdLQk18POxgcU73KS1NmFhPW03o987JUtd8Mzb-DlfKMbt9_9aHkB0S4NrA&sai=AMfl-YSyaMPNnDi0z7lXOUOH6v7yZXgN10dKYIDwEwhH4HlUS4U56vxVPEY0_XK-sKEzl6Hi3gPv1QS8FqnmxiusZ36SMouKAWbM9f-f4Yb0klFE-VvYmTvXSI_yQPMfroUIMwtIClHx2KvwsyncSHg&sig=Cg0ArKJSzKMg7cMkWanvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 7D5D 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
79dfcd4f1764fa61ae0e294c5bd8948af8190f679a04ad933ef0e8bacda83a9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 15:27:26 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 06:16:10 GMT
x-azure-ref-originshield
0dMNHZAAAAAAup+jR+vxhTL7vLAP2yd21RlJBMjMxMDUwNDE4MDM5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
U//UAPsLu1LiZTri32H+Fw==
etag
0x8DB3FD467577C90
x-azure-ref
030JJZAAAAAAA20xQcNCLT6xfGu83N9xgRlJBMzFFREdFMDMwMwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/javascript
x-ms-request-id
df81c12b-c01e-0013-54ad-76a79a000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/232/ Frame 7D5D 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-175.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27631
Expires
Thu, 25 Apr 2024 15:27:27 GMT
it
fra1-ib.adnxs.com/ Frame 7D5D 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fultrasurfing.com%252F&e=wqT_3QLxBuhxAwAAAwDWAAUBCN6FpaIGEPPah-_PgorHIBgAKjYJzWUgICV7ij8RtmC4ETAoiT8ZAAAAIIXr0T8htg0SACkRJMgxAAAAQOF6pD8ww-eTDTinPUC1XkjjA1C6iYq2AVjMzk1gAGjC4GZ4AIABAYoBA1VTRJIFBvBbmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIZaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDF6ADAaoD-wIKpQIRLxR3d3cuYmkNK_BeYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MmNjNDYxMzQtN2RjYy00ZWRlLTgwZTctZjBmYTJkZTY0ODIwJmNtRXhwSWQ9VjMmb0EyRABUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOklkAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc1ODc1MjMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgF6emYlM0Fhbmd2aXJxdmZjeW5sJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM0NTg1NjUyNjUzMDUwNjA5OSIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05EYzJNakk0TlRZNE16TTPAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWbqNP_oOivvDnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AVw-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAABUl0AAAQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JDSMFJAzaBwYIBQlo4AcA6gcCCADwB6HBAooIAhAAlQgAAIA_mAgB&s=96e20b9d3bd6d773e8a76dd5ea0024d7fc72adb3
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:27 GMT
AN-X-Request-Uuid
c9deefbf-50a5-4b00-a10f-cedc54134cf8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D5D 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 15:27:27 GMT
next-up-widget.20230420-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230420-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
594296230a5956cd55925715cd30d4c735c4cec300bf847c25542e42066a15cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
F_hHCyEqYshQAJCq0XqJVwZIdzXfTi74
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:27 GMT
x-amz-request-id
2GTZC75FTAZWEKDG
age
280391
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
hj6+/KiaQJqGw9fvjwSvoPqnEJ2xj0WeVNvTij/R9F9qhu6phULr4jCHJKsXIa1GNVWzT8jI3GU=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 23 Apr 2023 09:34:16 GMT
server
AmazonS3
x-timer
S1682522847.431499,VS0,VE0
etag
"b35140598963258bb2d94100cca9e731"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1272
81cd902f44290fa21c94336acd125ceb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81cd902f44290fa21c94336acd125ceb.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d552536a5a0578b138ae9773acf8151f5fd1506011d3183a11c41b1fa14ef4a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81cd902f44290fa21c94336acd125ceb.jpeg
age
1901630
edge-cache-tag
618343512828303277831119838914524510883,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
618343512828303277831119838914524510883,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.espncricinfo.com/
content-length
17294
x-request-id
4646e7bce78eb5a6416a53e5b07872af
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100036-IAD, cache-iad-kiad7000159-IAD, cache-lax10669-LGB, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 02 Apr 2023 09:52:59 GMT
server
nginx
x-timer
S1682522847.441916,VS0,VE0
etag
"cf497c858348367f9c8bcd1bd78f426e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 58, 2
ce56b9d5a9f283688bb68420c564261e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce56b9d5a9f283688bb68420c564261e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f04b202d12ead4c234e761959a8880533c9d444447c8f5bcf49c266856cdb449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce56b9d5a9f283688bb68420c564261e.png
age
3028624
edge-cache-tag
630361108700058191392641690462288652419,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
630361108700058191392641690462288652419,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
28
expiration
expiry-date="Wed, 05 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://poshland.com/
content-length
17966
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000042-IAD, cache-iad-kcgs7200027-IAD, cache-chi-kigq8000029-CHI, cache-iad-kiad7000135-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 05 Mar 2023 07:43:46 GMT
server
nginx
x-timer
S1682522847.441401,VS0,VE0
etag
"dc1e6c166949e5c3f65ebb75b3f4df0d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 56, 2
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
4201746
edge-cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
114
expiration
expiry-date="Fri, 10 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/langue-francaise/expressions-francaises/a-nouveau-ou-de-nouveau-ne-faites-plus-la-faute-20190916
content-length
24876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000174-IAD, cache-iad-kjyo7100087-IAD, cache-sna10750-LGB, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 07 Feb 2023 04:05:42 GMT
server
nginx
x-timer
S1682522847.484755,VS0,VE0
etag
"f5287609d11c2dc6fa654bfe36da9765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 567, 2
567a79e4b254dbd49ad8440cdff6d5d2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/567a79e4b254dbd49ad8440cdff6d5d2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
440186869a970b061b2e8fdfeaebafbf74de87ab49beed47cc37ee8bd973e781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/567a79e4b254dbd49ad8440cdff6d5d2.jpg
age
2383625
edge-cache-tag
589053804136251633204052908596272210960,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
589053804136251633204052908596272210960,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
97
expiration
expiry-date="Wed, 19 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cnbc.com/
content-length
5958
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kiad7000175-IAD, cache-chi-klot8100111-CHI, cache-iad-kiad7000107-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 19 Mar 2023 23:49:18 GMT
server
nginx
x-timer
S1682522847.490865,VS0,VE0
etag
"cbe694532f76d85237edeb336af0d765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 40, 2
1da7dc15a4717e5fab05dc223d2bbe12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da7dc15a4717e5fab05dc223d2bbe12.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb1a29e29a407b237cc690a296b466c5a67a8448aba71ccff1d9afee6e056927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da7dc15a4717e5fab05dc223d2bbe12.jpg
age
1018353
edge-cache-tag
295878447785324548960341949178826670647,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
295878447785324548960341949178826670647,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
235
req-referer
https://www.expressandstar.com/
content-length
61452
x-request-id
11a70bf1ec8191ce92794ccbe7fc1edd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000177-IAD, cache-iad-kjyo7100087-IAD, cache-chi-kigq8000161-CHI, cache-iad-kjyo7100136-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 14 Apr 2023 14:06:08 GMT
server
nginx
x-timer
S1682522847.493396,VS0,VE0
etag
"b09bb936339129ca9ef22b3c015cefac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 160, 8
32103b91d1920348ec34d70d1fd1ca07.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32103b91d1920348ec34d70d1fd1ca07.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14e1bc83600a94c60d4b4aa7f807e6bf1fc9f1bc7cc55e7b06e49d1debf85ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32103b91d1920348ec34d70d1fd1ca07.jpg
age
1114457
edge-cache-tag
543186543935300341624144917515188807761,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
543186543935300341624144917515188807761,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
414
req-referer
https://tvmag.lefigaro.fr/
content-length
11864
x-request-id
e1eb272d045be4b4a8a839f4a7063135
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100049-IAD, cache-iad-kcgs7200162-IAD, cache-chi-klot8100134-CHI, cache-iad-kcgs7200112-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 05 Apr 2023 22:44:26 GMT
server
nginx
x-timer
S1682522847.493368,VS0,VE0
etag
"b8f05457f8587f184666567f318fc800"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 138, 2
ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22f0a1deaad55d20892f403df7572309e177e5a65eaad2fca1e811f3876d51b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age
1291791
edge-cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
380718914452234203638632966853219348314,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/fussball/champions-league/2023/04/ex-city-star-rosler-vor-bayern-knaller-mein-herz-schlagt-naturlich-fur-city
content-length
20332
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000093-IAD, cache-lax10643-LGB, cache-iad-kiad7000109-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 14 Mar 2023 08:24:24 GMT
server
nginx
x-timer
S1682522848.500561,VS0,VE0
etag
"9ccaa3b58f3f333af0244c3fedecaa3b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 2
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A598 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 12:10:40 GMT
expires
Thu, 25 Apr 2024 12:10:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8197 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
400e6a2388f7dedb5855ad3af8ac11c890a7385f207ec80cde797067d7b560f5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zG6Nkg4IxhnAuzWicghzmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-zG6Nkg4IxhnAuzWicghzmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 15:27:27 GMT
expires
Wed, 26 Apr 2023 15:27:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
49c334c86f5c1c400299db62ec4b4a48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d5852a50c137b7591dbdbf7f68d815ca95611ba16bcd2e9bb528a606835db7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
age
1134713
edge-cache-tag
385600290543437185772783954609302191142,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
385600290543437185772783954609302191142,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
155
expiration
expiry-date="Mon, 01 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.yumpu.com/
content-length
23596
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kjyo7100093-IAD, cache-lga21955-LGA, cache-iad-kiad7000111-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 31 Mar 2023 21:52:37 GMT
server
nginx
x-timer
S1682522847.475240,VS0,VE0
etag
"a88fedbc5a276d553578bfc4f57070c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 4, 2
1f946c691c3b1d990ef4f1fa50ea012d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f946c691c3b1d990ef4f1fa50ea012d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85ba0f0b13c1c263b7aca44a4e86daca19239f4b2304d878e938e6f6dacc8b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f946c691c3b1d990ef4f1fa50ea012d.jpg
age
534380
edge-cache-tag
532847368151265911324193870130858320942,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
532847368151265911324193870130858320942,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1306
req-referer
https://www.prajavani.net/
content-length
24208
x-request-id
50c2ce3e05c5451948a08722578fc3f1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000110-IAD, cache-lax10642-LGB, cache-iad-kcgs7200161-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 19 Apr 2023 17:46:25 GMT
server
nginx
x-timer
S1682522847.475240,VS0,VE0
etag
"35d71c802392c42f251d8f24f08f56f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 12, 2
d6fbf7f111fb4efa7552f3f4d34eda40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b93335d3d4d516af62f2e175bd65ebf9578e5da250938a6a79137889f0c65439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
age
2580781
edge-cache-tag
573200521614995317052826837515243108417,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
573200521614995317052826837515243108417,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
257
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.internetradio-horen.de/
content-length
12408
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000152-IAD, cache-iad-kjyo7100173-IAD, cache-lax10649-LGB, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 14 Mar 2023 08:55:42 GMT
server
nginx
x-timer
S1682522847.475201,VS0,VE0
etag
"fb2e06e74c02a7193c60105a4650a0dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 2
61459c37a5780b1bb0f5147390499050.jpg
images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
554f7c3996f6a32b41a1231672d2725dd5ca2ebde7b191caa4c59ec8eb1a440a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
age
1446002
edge-cache-tag
448172535434214216740621872852129660405,335003102500645701368672768189136159196,29ecf9b93bbf306179626feeda1fab70
cache-tag
448172535434214216740621872852129660405,335003102500645701368672768189136159196,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://d-2063538762056537762.ampproject.net/
content-length
23066
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100085-IAD, cache-lax10676-LGB, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230022-FRA
last-modified
Mon, 03 Apr 2023 00:10:42 GMT
server
nginx
x-timer
S1682522847.475209,VS0,VE0
etag
"79725deb7c1eb3de6a7e139c0dff5402"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 6, 2
717b0b912e7001cb03de7be4edb79d30.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717b0b912e7001cb03de7be4edb79d30.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9618275c88a57213b907596bfbbbe118ca15c3df8a41881b2ce151a89f92b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717b0b912e7001cb03de7be4edb79d30.png
age
2421075
edge-cache-tag
510002540753963254969836453235173843959,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
510002540753963254969836453235173843959,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Wed, 05 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://work.chron.com/
content-length
16982
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100089-IAD, cache-lga21940-LGA, cache-iad-kjyo7100039-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 05 Mar 2023 23:05:51 GMT
server
nginx
x-timer
S1682522848.508572,VS0,VE0
etag
"606edf150845afdd80c26c6a1e8e5693"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 0, 2
7d43b6efec1ad4b7e38b40912a45aab4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d43b6efec1ad4b7e38b40912a45aab4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
857ae8ee4da7314c4bb3ebf9879ac5381ee43689fa1c58ceaf54b247bf37ef28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d43b6efec1ad4b7e38b40912a45aab4.jpg
age
1113456
edge-cache-tag
479352694571834933869861490159898504596,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
479352694571834933869861490159898504596,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
376
req-referer
https://smallbusiness.chron.com/
content-length
21356
x-request-id
a2ac6cadbf2cf9aac06cb616919998d1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000154-IAD, cache-lax10625-LGB, cache-iad-kcgs7200069-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 05 Apr 2023 22:45:45 GMT
server
nginx
x-timer
S1682522848.509203,VS0,VE0
etag
"f5770fd9772a2179de3b7854d6420a1c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 46, 2
iframe
pixel.mathtag.com/sync/ Frame A012 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master zrh-pixel-x7 config_version:"unknown" /
Resource Hash
0cbde1c6e98dab93b116c69b69ccdc668cd51ab5a07ca9ce270b10612014fef5

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
963
Content-Type
text/html
Date
Wed, 26 Apr 2023 15:27:27 GMT
Expires
Wed, 26 Apr 2023 15:27:26 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x7 config_version:"unknown"
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame F2CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEIVGONMJnCJWFfOI3zOSXkc&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEIVGONMJnCJWFfOI3zOSXkc&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=b0d69bff3891bba1170b0838d6878eb0&uid=b0d69bff3891bba1170b0838d6878...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYxdOv5gEwAQ&v=APEucNW2phYye_T5svfH2FSTkH6trevrnj0phT77QLgPwfrwoZQeGtDZbErpNRfcSSHMvf0y3VhTkJQg5ntYHVXDyF25zhXVI9ukTQ5V0AU5ooNKZ4ZsxADHZ9S55tqlbspuC-eEdBTYp5yWeqEUb_AtD7QUmVPLsi4rb7pFpRWFecqQvO0G1fH0KBrex1ZvcWH8d5dC7JpG3G_P5atKVRhgc_vyTTsbKuqqe7UsRlnxG8FavlvbDjI
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:28 GMT
Last-Modified
Wed, 26 Apr 2023 15:27:28 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame F2CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEA2ObNBwVV6Vred8Msg93jc&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEA2ObNBwVV6Vred8Msg93jc&google_cver=1&ang_testid=1
42 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEA2ObNBwVV6Vred8Msg93jc&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYxdOv5gEwAQ&v=APEucNW2phYye_T5svfH2FSTkH6trevrnj0phT77QLgPwfrwoZQeGtDZbErpNRfcSSHMvf0y3VhTkJQg5ntYHVXDyF25zhXVI9ukTQ5V0AU5ooNKZ4ZsxADHZ9S55tqlbspuC-eEdBTYp5yWeqEUb_AtD7QUmVPLsi4rb7pFpRWFecqQvO0G1fH0KBrex1ZvcWH8d5dC7JpG3G_P5atKVRhgc_vyTTsbKuqqe7UsRlnxG8FavlvbDjI
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEA2ObNBwVV6Vred8Msg93jc&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
img
pixel.mathtag.com/comp/ 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master zrh-pixel-x13 config_version:"unknown" /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Server
MT3 830 785530e master zrh-pixel-x13 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Wed, 26 Apr 2023 15:27:26 GMT
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
83e99b0afe85b3257ed842f2a5926d98b55bdca378e9951a955f1759f213efec

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
17e0b20f5a3f0b0635d17b252cb2bfe9
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ultrasurfing.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 26 Apr 2023 15:27:27 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
2389692137632dfcf96d915dcda5c22d
syncframe
gum.criteo.com/ Frame 8BDA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ultrasurfing.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 15:27:26 GMT
server
Kestrel
server-processing-duration-in-ticks
608071
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fultrasurfing.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fultrasurfing.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fultrasurfing.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e0840c1aa485354354a7ee9ccf4aa30ea639dfd6c4195f42bcba2e23d279e482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-oNKH4FqIKL/lOzHYycKZ4MgdrqM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://ultrasurfing.com
location
/esp?url=https%3A%2F%2Fultrasurfing.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.3.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-3-66.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6fb10501a0236160e8d4d00f4e55ff1f6101e4f5eac1b06fe91a313b120bfada

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache
x-server
10.45.3.85
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ultrasurfing.com
date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E9E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9570223786129&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E9E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9570223786129&version=m202301230201&ct=119&x=10&cor=6648248110078899000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6E9E 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AH4NZyPk7Lur7hyvoF0rXatXqUWX1aoL0MHiInDedc3e9OpeaNW6DJE7-KhRujKd-F3dW74GCNtuSqUh-PfRpdal14qTRFVYeWD21yjaJ1_C2t856ySz9tUJ3rYFKH3eDjwEsh423d4RierOgEt3bilroazrcxFJHOMuRJfMnMAiKWp8k&cry=1&dbm_d=AKAmf-AGT8HuiSWmYx7PqT35sZIEbf4qG0vjB9zB_4U5skOu9ib7-zzYH0G7VfmPjozN_NhOe3Co2FSPF73tlGcdKmAZhCzr1F36wziaTJxEUtP9aPrGld4Ykd3gORMyGny3A4ujdXHBH0o9iUkfrOuWMMVJnYMwL7j427hyCh2Zd0ZZgGWjEzRqMK_0GuIHiE3imib0y5qcyoQavFeKJYW7MVYrno_F6aSvF4-KhBjyqMy3V4XR9KN0xLu8o20dbjVS06kzQIhyvq4xa2h0atbKRD9u1G_wGFDv3rO7FeLVXIJDeu4nuAA228w_y1KPloZo965xGCw6dufOimBQmzlwXGCyUvU1tTnFZCP0_xZbq0jYO8x4YntVJAhw5h7OpXs6cFTXm6nlwJPvU4HtAyNPdepd0QOvbl_ME_gLdJ5R4FC1opreCOh1HvttMwcopIZyvwEmEdshrHab7XqMVLa1JY69AbaF-Lgg_j2ivg7fxE_FqoTg1DPBGy3ZzCQz1z7L4-d7vWGXWYD6R4Vl6JgaTJZaNgTYR7Ew6Dzs-y926GnGpv8qAdr8r1QpQLlxmi8o4hs1WNfn1Z93WQ-BukUeLWipYeX7v3DSuCxUP4jIidTBgAKMjfH2RsZ1wU-DX_JZROqQgEL2uxO65XEfrzQdGOdsxHrO3DXVkcA7KRXnl6FuO0DbOOBLb4P13c_rkb3N6o9w2YMw_RMX8etwBtPgL6tdGSc7i9PR-gvkvCHT0zqkjWdqpRqIbeGupKPv1WTleW6u8Uok9nUC-mx8L_7UfuEAwoYc6NZOX7Egv4Ii1KwVgaHQTnM3-fLgpiDRVzRItujTQZxAPtpw66nU3LTPnKnf0hA2q-tb27pgoRYvfaxIRqQb_zXhPMga9YFYBO0C605Htp9mQEXTpDyiM91LoAM5v_WkDMdv-2UZyBKPsRKEqdfzicYn09z1hOE6wuOMpjorRGmLNrOVCPpmsg1uYgafk2ck-dqPwPGPYg9OJ9SF-P5affe656lBui4PdDdjksaT8n5Yh8i6xOSYvnr9_ZVDpxLwhyQM_UaLJj1WF9zlaSNPnKu6S6Ovw7vG6Qf-H99LEqCJ1XzPWGh8_aKQUfSuhyTuV50aBs_XoXEYsQsDZXgemexj0MpB8AwZoBBDEnk09fL6Xck8_6cVpEv0v1QSNb17VCpQJDEyt_pyUNVd6zaQyg1w33Y3IAWxGjRWD4Ax3yHU3MysJLgNSHDF4kWRF5625CmjQQV_8ine3aqZBhRU7-iGRmSpjO6pny5lf05okIQmX4ghSQNG2DFHydJ0F8ahKHmSQPAWlkd8HLwW2hLUDNV1SyNyb35HOpnsunTzHrIG2U9rvf_erPviveOsqPhs37I_O6xOvmBdD8pwecr1lyc3_m-bDOCcyFylekvzPLM-OydJ9H-o2NWudEnbU2XSD4zk_k1f6WCYmD_G1d1c88JkMelC9V9yslFrGZnBdHqdZgUWE3pvRXOnHlXfcvV_Z0ZE3h3J3XhAgNu96-5eT2JucRpZPdtnzbRMiQ6kV5eqSt3JdLWxFBfGblUTC01LHdLf5QOj8D5oWDKUlh0qZHMhHQGDp_hHXKAxL9y8eJuGuk3DBAg6ZBIp-OmOFxDBxLar5JKAGm6reuFRVpMPmd4UjiM198DvL8Fn2CYH8zxkBjU_vSb-txYEOCdhonX7jiLqaqe61d5soTMh0jhg2aRBJPsVNyGMg-kD0KzGwEYCr26ExN_pOlBd4ePxRKddf5M6SilmHGnqotYACKcRnsa3izN-XAc-9ANaTT0XsIR1UHM3krkQ9G0xrPhhTK5BLSMVQmy3zr3zbeEyoJHLopS6Je3jxEwL2h8H1ElKv3qaSfXyNWI3fWlWr2jZt7zHlOe1InPjSz3wZxQ_6PdX25GLnD7CCCNZFLSB7sCLCcaQRqbq2fA5Bk0oolznbcHg4R7DWu4lu1SUw4FdGOS5u0O8IEKQt7j7Twc5UY4PQ97Pp8WXh3Ha9mn4WX663xlahK6CreTt_4OFC1iajAYNvbw9a3j-m8xpzciZehbttnbW3lDtZsw0bo3rr9v-bcspKMtPL5jZdWVyzaIXbFJHnvQ18IBAAKTKYhcU9K_BfDuI_NblBGRl3Cug1vn8jmTPUtzjmNP3DBEpmn7bb4YUl8iKhM-Wt0eK3ExxYE6lkg-EJ4Si8qdy9pT9NVUlZejf1Kh4Yl1wyh9MZhigdYbuCDHmHNtkfgEUxYWuQEMGnKir7MGBQCWlWD-RFGSz52Qu2P4YLSzNqkqbAz_w-4zzisQPhPfLN8LMslcEgZEVPIZhU0VYxG6AUmkb6LcK7g0SF-E8jM9n12ulcAaZ8WBusurrSQPP_3LbnimQAtUm_8Q8jPoVWWkMz_yraDIKz23Fz1ga-Ud0CF5CP1zJ2tUF8dBbDV5AT-hUF-lC7HI9qIfjEa6F_oJ95XHdr7uUKSHzBRpr7SGfNrFWnetjjFlRdaIqX2w4cbbItXNqw6yLdCsSF3Y5R8syTLmuqOmIHzyxtpPiZEp-GrPzVh6aLSmQ-zulgmpDSks9zE928znAZ_0FoKLM5OQckxvwgD4mLk1IoXMyl3b_Zx6rVRyhU2POBfK3GFaHrOgGXcZRdx9ky31SvuMmRBVyLRsCzhQF2hrzmnQsfUWOeZ6bxP2UMgoVatk88V2cX8dpO4DlQ7CP0LDUBa8echjGFVc9siTbopTlStci2rFXjbAo6mUziUKjpyebJEGVWSUS2TQR9ic9OZhZ6x91b55adgse15rSw2kvJ1gJH9uoV1WwAEJo2CKQVSFVgoPYdIIQn_sxmQFJwpytldXaKuGTbcYeEr67sAaoNmjiT2Dui7W1Btq9FewAHrEpYv4JWqb_N2rRuFv07Uj7mgqZQkz9xTgfPuhkSheBax18miR7hfbhlUo0R7Z_G5tHrYzVxY7AhavhvebeqRv2UEPT8g_AACwheqPkeJfQ-PuPdEa4LoKx54pWotm5gJKKNEUghteVaSY02KVm7hV6ItQKBm9J57GDCmtmVxz06QleesChNtCyQMt-nvqW062IeB7cd1Y2MiBJjX2Ydy9kKyuMYqnMW3wck_1xMLajkV6RRGhaQAQ691heg5__rwXvk1g0Hetny1yKGk0UMKIhdGgZO6qMHJPVJd7tqqqXZnrUxK5bnQatUMt_uuUDx-w6F7pgdMClurFmLzjAXzbgEsXGoeHCarSNLB7llDvZT65QFVg4Os7IpTMo2c2fJUXXBeinpRoVDrHwHqdB_qg8PDpxEy2jfqyVGVnja0goLxILVXd-_MybM7rVL125x9Y88yMzrV09CG7_Yk2wsXhPTGTHfIQMPPMPC5IkFKFbl7Q98Ry7qiSRepASS2sc0RuwUm5IJZfOeEXC3qCJGJ-6NaYiVb6Y_k6UBkOlaGZZCmpWS9AAPGfGiFJUu1lc5A3VDpHaJTlzNBf8a1JELjUgQV6HvZmKZyd4RuICAlJ0fzS_X713P02f0snzp9FtuDwWKeyR7qsPk6dFeGz0ts1Yabn37c6-BXfGE0VHXrNvC2sHiSHQyrBy6WTvcgtmOtw9DfIOzx7yDtq-A69rplUp67FpUUOCvxYCe3Z31wPDGGR1b7wxpqsVSY2Rr-w_JjE&cid=CAQSGwBygQiDKHY_RHdtSAdlEXn2YBezIo05F-MDDhgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=0&iif=1&cor=6648248110078899000&adk=2753453199&idt=138&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4cf7dd2f5981a91b36e1c2a82e3b6d0b02d72845e273ed9c99f40ac5cc215b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35036
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.youronlinechoices.com/wp-content/plugins/optout/callback/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=B_EOnH1MItLPmS474lv2LMeylAU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.85.112.191 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
49c334c86f5c1c400299db62ec4b4a48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67d1eff4187776692400cf818ac90e2eb32115720d8a6cf2fdd1a355802d4fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
age
3048410
edge-cache-tag
385600290543437185772783954609302191142,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
385600290543437185772783954609302191142,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
613
req-referer
https://cocbases.com/th11-base-link/
content-length
7444
x-request-id
cfc3396808601d4a584be59dd68096d9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100106-IAD, cache-iad-kcgs7200156-IAD, cache-lax10642-LGB, cache-iad-kiad7000084-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 21 Mar 2023 22:08:31 GMT
server
nginx
x-timer
S1682522848.734656,VS0,VE1
etag
"c53015cd1cb9c131887dc6be4c2cb499"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 19, 1
img
pixel.mathtag.com/misc/ Frame A012 		43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=200022&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master zrh-pixel-x7 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Server
MT3 830 785530e master zrh-pixel-x7 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 Apr 2023 15:27:26 GMT
segoe-ui-400.ttf
adsdkprod.azureedge.net/assets/fonts/ Frame 7D5D 		290 KB
291 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/assets/fonts/segoe-ui-400.ttf
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c2fe7ec10f1c647f3a8b311871e442222035e4ecb95b9a5cc3a557af93768bc

Request headers

Referer
https://ultrasurfing.com/
Origin
https://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 15:27:27 GMT
last-modified
Mon, 27 Mar 2023 16:56:27 GMT
x-azure-ref-originshield
0Jj5IZAAAAADmH79XfsMrR78nVeTzvs/QRlJBMjMxMDUwNDE3MDUxADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
/7qJChuHPxqXNMFp5EeIKA==
etag
0x8DB2EE434F224E1
x-azure-ref
030JJZAAAAAAjmTpgb850RJmJZom5T/ZqRlJBMzFFREdFMDQxNQA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
1fb06796-a01e-006d-15b7-77f787000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
content-length
297208
segoe-ui-600.ttf
adsdkprod.azureedge.net/assets/fonts/ Frame 7D5D 		293 KB
294 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/assets/fonts/segoe-ui-600.ttf
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c446fca5516a0504b7f1b6f62bcb7b401e70477783bd121783e0bfbed9bbfc76

Request headers

Referer
https://ultrasurfing.com/
Origin
https://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 15:27:27 GMT
last-modified
Mon, 27 Mar 2023 16:57:33 GMT
x-azure-ref-originshield
0Jj5IZAAAAACrMa4nXXDXQq6xxuRoxkQDRlJBMjMxMDUwNDE4MDExADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
Yko060BR2qc/kBHcqkIMkw==
etag
0x8DB2EE45C300539
x-azure-ref
030JJZAAAAADwVcAC17q9Ro7um7Rkno+yRlJBMzFFREdFMDQxNQA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
fc5fbd25-d01e-004e-72b7-771bb2000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
content-length
300400
segoe-ui-700.ttf
adsdkprod.azureedge.net/assets/fonts/ Frame 7D5D 		296 KB
297 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/assets/fonts/segoe-ui-700.ttf
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fd6de231a90f1f4a0ecd6d338c89e5841df7abbf9dab57a41f7ffbd0139ff949

Request headers

Referer
https://ultrasurfing.com/
Origin
https://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 15:27:27 GMT
last-modified
Tue, 04 Apr 2023 16:51:36 GMT
x-azure-ref-originshield
0JT5IZAAAAABJHyGNCltBRrdjurlgKNprRlJBMjMxMDUwNDE3MDUxADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
1oCJo1RLz8LuFglIrfv9xg==
etag
0x8DB352CDA9B2FCD
x-azure-ref
030JJZAAAAABMR6Z6jaUTSqL9ytXiUc3mRlJBMzFFREdFMDQxNQA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
d0ee76a4-401e-00e7-45b7-77aec7000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
content-length
303612
c.gif
www.bing.com/aes/ Frame 7D5D
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d4ec7a0-e9f4-4df5-b8ac-ec2044c6430e&cmExpId=V3&oAdUnit=391466&publisherId=162645330&rId=2cc46134-7dcc-4ede-80e7-f0fa2de64820&rlink...
  • https://www.bing.com/aes/c.gif?DI=0
0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Server
2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 10FE9C01F4F34A488DEF07B46C016D7B Ref B: DUS30EDGE0418 Ref C: 2023-04-26T15:27:28Z
x-cdn-traceid
0.13d53e17.1682522848.1df32d0c
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 26 Apr 2023 15:27:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72BEF9F474A643D08F80F97F729FA1A7 Ref B: FRAEDGE1510 Ref C: 2023-04-26T15:27:28Z
x-cdn-traceid
0.13d53e17.1682522848.1df32c37
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
62
expires
0
rd_log
fra1-ib.adnxs.com/ Frame 7D5D 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKFBOgFAgAAAwDWAAUBCN6FpaIGEJqLk-fh9s2HWhgAKjYJflTDfk-skz8R_43Bs9Lejz8ZAAAA4FG4zj8h_w0SACkRJAAxCRuonj8wwOeTDTinPUC8CUhlUNfF4s0BWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG8LyYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC9v9b6gIZaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNcB3FiIBQGYBQCgBbzY5J7v8vrAZsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFucNP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG5EzaBhYKEAkRGQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTk4OTg2MTIwNDHIBwDSBw0VcAEyCNoHBgFpcBgA4AcA6gcCCADwB6HBAooIAhAAlQgAAIA_mAgB&s=df516ecc50ebfee8779efb91c079f7634816f93b&bdref=https%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fultrasurfing.com%2F,https%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:27 GMT
AN-X-Request-Uuid
43c2d038-7ee6-45fe-a52f-41e456f4a101
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8197 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=1155236521968776&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 8BDA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ultrasurfing.com&sn=ChromeSyncframe&so=0&topUrl=ultrasurfing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ufH2CXxaTlAzczdzSUJaZWNmUzVtOFk5NlRNdzNJSkpvK2xNVHNCa2xacGZ5SHpuWjBBdFh6NldwWE0vUHBKT21nK1R2dFp4UFYvZEVmSGxNUjhObXo1SVYwbkFXWjFtcTJDTGJCb3gvN3pGdnk1a3EweExxaVVQUk9CZW...
457 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ufH2CXxaTlAzczdzSUJaZWNmUzVtOFk5NlRNdzNJSkpvK2xNVHNCa2xacGZ5SHpuWjBBdFh6NldwWE0vUHBKT21nK1R2dFp4UFYvZEVmSGxNUjhObXo1SVYwbkFXWjFtcTJDTGJCb3gvN3pGdnk1a3EweExxaVVQUk9CZWU2bGJaK0JPQ29hZkhhMGhLbGJFVjNNRVg2YnNpNnd0L1dMUGRFQmllREpHSlRhQzZTb29UTUlyS0FIek53ejFzN2RjVFkxV1RlSEVZendNb3RuN01oWExYa243d3F3RzdqcElYYkIxOGlJZWlmWGxLa0pjWXNkM2k4ZWRkbzIzUW9lUjJ5OWdxWnN2NVROOHB5d21OZmYzRFNud0E0ZTdjcGdlb0RiZVk5bkR4VFk0LzBRRT18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fc2d30fedcd043be05b91f896ec2963ad4774ba80fd6818438f3a3b257cc6d95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2264546
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ufH2CXxaTlAzczdzSUJaZWNmUzVtOFk5NlRNdzNJSkpvK2xNVHNCa2xacGZ5SHpuWjBBdFh6NldwWE0vUHBKT21nK1R2dFp4UFYvZEVmSGxNUjhObXo1SVYwbkFXWjFtcTJDTGJCb3gvN3pGdnk1a3EweExxaVVQUk9CZWU2bGJaK0JPQ29hZkhhMGhLbGJFVjNNRVg2YnNpNnd0L1dMUGRFQmllREpHSlRhQzZTb29UTUlyS0FIek53ejFzN2RjVFkxV1RlSEVZendNb3RuN01oWExYa243d3F3RzdqcElYYkIxOGlJZWlmWGxLa0pjWXNkM2k4ZWRkbzIzUW9lUjJ5OWdxWnN2NVROOHB5d21OZmYzRFNud0E0ZTdjcGdlb0RiZVk5bkR4VFk0LzBRRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
396404
content-length
0
expires
0
img
pixel.mathtag.com/comp/ Frame A012 		0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master zrh-pixel-x4 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:27 GMT
Server
MT3 830 785530e master zrh-pixel-x4 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Wed, 26 Apr 2023 15:27:26 GMT
st
imprammp.taboola.com/ Frame 4BAF 		538 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1682522847916&uv=3270&tms=1682522847916&abt=nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9f6497dc-fdae-4d99-a537-ec533864f25d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3224a514a8b7464936f27192704f20562f8b1900a6c49b4ee91248757462e95

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 26 Apr 2023 15:27:28 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230022-FRA
x-timer
S1682522848.308374,VS0,VE9
sync
am-match.taboola.com/ Frame 5940 		538 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d3224a514a8b7464936f27192704f20562f8b1900a6c49b4ee91248757462e95

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 26 Apr 2023 15:27:28 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1682522847928&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1514&pt=-1475263756&tz=0&viewable=true&ddast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vA!smbs!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
019162622d7d1056dd54e47d9caad7fb0b5087ca580d1f68450992290b631b02

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 26 Apr 2023 15:27:28 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1419
x-cache
MISS
x-served-by
cache-fra-eddf8230022-FRA
pragma
no-cache
server
nginx
x-timer
S1682522848.937419,VS0,VE82
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=31589837&cb=1682522847916&uv=3270&tms=1682522847916&abt=nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1682522844796.6!ts:1682522847915&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
content-length
0
server
nginx
BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
pagead2.googlesyndication.com/bg/ Frame A598 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 09:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14156
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 09:41:09 GMT
dyeznpumnterqy825quj.mp4
cdn.taboola.com/libtrc/static/video/v1678970470/ 		735 KB
735 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1678970470/dyeznpumnterqy825quj.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4da6662a5ef0005329ee61bd2c3d36000bfa5e0a40865790aafdda94a3a48564

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
3xxYZ7SOiLpbZspCjZ3fL9fv7LiGH7Y5
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
QBSRFR4DNC691PV4
age
45
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-752168/752169
x-amz-replication-status
COMPLETED
Content-Length
752169
x-amz-id-2
8si10oLkQZ1Gts2Y2BWQP4YW5Eh4DgDhGQyyx2AthtQ/2NFjBkX2l/Ew2Si9zwzS1iNU6vsh/UQ=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Thu, 16 Mar 2023 12:41:17 GMT
server
AmazonS3
x-timer
S1682522848.127077,VS0,VE1
etag
"40fe706ce75b262bfebef0414c0afe40"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
baulpf3dmij5y1uerueb.mp4
cdn.taboola.com/libtrc/static/video/v1681113807/ 		507 KB
507 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681113807/baulpf3dmij5y1uerueb.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f65f97a4b8df6d6298c1ce56cc871d6076f6b68b20a24393db31a5ea10a6dd58

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
p5cOGTcL9wTowwEFvXh.ny7WafXAFipS
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
207KK0X2MW7Y9EZ9
age
21
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-518843/518844
x-amz-replication-status
COMPLETED
Content-Length
518844
x-amz-id-2
EpCI85vX6LlNYIFcEOm0ZYua4/o0I6uBWabAP2qrdWmmiXo6d5RszMNrgcTcSCpZYuCb7GqFpZU=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 10 Apr 2023 08:03:33 GMT
server
AmazonS3
x-timer
S1682522848.137526,VS0,VE1
etag
"59b1b0c56f37187e0e97df793e187afe"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6E9E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
Origin
https://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame 6E9E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AH4NZyPk7Lur7hyvoF0rXatXqUWX1aoL0MHiInDedc3e9OpeaNW6DJE7-KhRujKd-F3dW74GCNtuSqUh-PfRpdal14qTRFVYeWD21yjaJ1_C2t856ySz9tUJ3rYFKH3eDjwEsh423d4RierOgEt3bilroazrcxFJHOMuRJfMnMAiKWp8k&cry=1&dbm_d=AKAmf-AGT8HuiSWmYx7PqT35sZIEbf4qG0vjB9zB_4U5skOu9ib7-zzYH0G7VfmPjozN_NhOe3Co2FSPF73tlGcdKmAZhCzr1F36wziaTJxEUtP9aPrGld4Ykd3gORMyGny3A4ujdXHBH0o9iUkfrOuWMMVJnYMwL7j427hyCh2Zd0ZZgGWjEzRqMK_0GuIHiE3imib0y5qcyoQavFeKJYW7MVYrno_F6aSvF4-KhBjyqMy3V4XR9KN0xLu8o20dbjVS06kzQIhyvq4xa2h0atbKRD9u1G_wGFDv3rO7FeLVXIJDeu4nuAA228w_y1KPloZo965xGCw6dufOimBQmzlwXGCyUvU1tTnFZCP0_xZbq0jYO8x4YntVJAhw5h7OpXs6cFTXm6nlwJPvU4HtAyNPdepd0QOvbl_ME_gLdJ5R4FC1opreCOh1HvttMwcopIZyvwEmEdshrHab7XqMVLa1JY69AbaF-Lgg_j2ivg7fxE_FqoTg1DPBGy3ZzCQz1z7L4-d7vWGXWYD6R4Vl6JgaTJZaNgTYR7Ew6Dzs-y926GnGpv8qAdr8r1QpQLlxmi8o4hs1WNfn1Z93WQ-BukUeLWipYeX7v3DSuCxUP4jIidTBgAKMjfH2RsZ1wU-DX_JZROqQgEL2uxO65XEfrzQdGOdsxHrO3DXVkcA7KRXnl6FuO0DbOOBLb4P13c_rkb3N6o9w2YMw_RMX8etwBtPgL6tdGSc7i9PR-gvkvCHT0zqkjWdqpRqIbeGupKPv1WTleW6u8Uok9nUC-mx8L_7UfuEAwoYc6NZOX7Egv4Ii1KwVgaHQTnM3-fLgpiDRVzRItujTQZxAPtpw66nU3LTPnKnf0hA2q-tb27pgoRYvfaxIRqQb_zXhPMga9YFYBO0C605Htp9mQEXTpDyiM91LoAM5v_WkDMdv-2UZyBKPsRKEqdfzicYn09z1hOE6wuOMpjorRGmLNrOVCPpmsg1uYgafk2ck-dqPwPGPYg9OJ9SF-P5affe656lBui4PdDdjksaT8n5Yh8i6xOSYvnr9_ZVDpxLwhyQM_UaLJj1WF9zlaSNPnKu6S6Ovw7vG6Qf-H99LEqCJ1XzPWGh8_aKQUfSuhyTuV50aBs_XoXEYsQsDZXgemexj0MpB8AwZoBBDEnk09fL6Xck8_6cVpEv0v1QSNb17VCpQJDEyt_pyUNVd6zaQyg1w33Y3IAWxGjRWD4Ax3yHU3MysJLgNSHDF4kWRF5625CmjQQV_8ine3aqZBhRU7-iGRmSpjO6pny5lf05okIQmX4ghSQNG2DFHydJ0F8ahKHmSQPAWlkd8HLwW2hLUDNV1SyNyb35HOpnsunTzHrIG2U9rvf_erPviveOsqPhs37I_O6xOvmBdD8pwecr1lyc3_m-bDOCcyFylekvzPLM-OydJ9H-o2NWudEnbU2XSD4zk_k1f6WCYmD_G1d1c88JkMelC9V9yslFrGZnBdHqdZgUWE3pvRXOnHlXfcvV_Z0ZE3h3J3XhAgNu96-5eT2JucRpZPdtnzbRMiQ6kV5eqSt3JdLWxFBfGblUTC01LHdLf5QOj8D5oWDKUlh0qZHMhHQGDp_hHXKAxL9y8eJuGuk3DBAg6ZBIp-OmOFxDBxLar5JKAGm6reuFRVpMPmd4UjiM198DvL8Fn2CYH8zxkBjU_vSb-txYEOCdhonX7jiLqaqe61d5soTMh0jhg2aRBJPsVNyGMg-kD0KzGwEYCr26ExN_pOlBd4ePxRKddf5M6SilmHGnqotYACKcRnsa3izN-XAc-9ANaTT0XsIR1UHM3krkQ9G0xrPhhTK5BLSMVQmy3zr3zbeEyoJHLopS6Je3jxEwL2h8H1ElKv3qaSfXyNWI3fWlWr2jZt7zHlOe1InPjSz3wZxQ_6PdX25GLnD7CCCNZFLSB7sCLCcaQRqbq2fA5Bk0oolznbcHg4R7DWu4lu1SUw4FdGOS5u0O8IEKQt7j7Twc5UY4PQ97Pp8WXh3Ha9mn4WX663xlahK6CreTt_4OFC1iajAYNvbw9a3j-m8xpzciZehbttnbW3lDtZsw0bo3rr9v-bcspKMtPL5jZdWVyzaIXbFJHnvQ18IBAAKTKYhcU9K_BfDuI_NblBGRl3Cug1vn8jmTPUtzjmNP3DBEpmn7bb4YUl8iKhM-Wt0eK3ExxYE6lkg-EJ4Si8qdy9pT9NVUlZejf1Kh4Yl1wyh9MZhigdYbuCDHmHNtkfgEUxYWuQEMGnKir7MGBQCWlWD-RFGSz52Qu2P4YLSzNqkqbAz_w-4zzisQPhPfLN8LMslcEgZEVPIZhU0VYxG6AUmkb6LcK7g0SF-E8jM9n12ulcAaZ8WBusurrSQPP_3LbnimQAtUm_8Q8jPoVWWkMz_yraDIKz23Fz1ga-Ud0CF5CP1zJ2tUF8dBbDV5AT-hUF-lC7HI9qIfjEa6F_oJ95XHdr7uUKSHzBRpr7SGfNrFWnetjjFlRdaIqX2w4cbbItXNqw6yLdCsSF3Y5R8syTLmuqOmIHzyxtpPiZEp-GrPzVh6aLSmQ-zulgmpDSks9zE928znAZ_0FoKLM5OQckxvwgD4mLk1IoXMyl3b_Zx6rVRyhU2POBfK3GFaHrOgGXcZRdx9ky31SvuMmRBVyLRsCzhQF2hrzmnQsfUWOeZ6bxP2UMgoVatk88V2cX8dpO4DlQ7CP0LDUBa8echjGFVc9siTbopTlStci2rFXjbAo6mUziUKjpyebJEGVWSUS2TQR9ic9OZhZ6x91b55adgse15rSw2kvJ1gJH9uoV1WwAEJo2CKQVSFVgoPYdIIQn_sxmQFJwpytldXaKuGTbcYeEr67sAaoNmjiT2Dui7W1Btq9FewAHrEpYv4JWqb_N2rRuFv07Uj7mgqZQkz9xTgfPuhkSheBax18miR7hfbhlUo0R7Z_G5tHrYzVxY7AhavhvebeqRv2UEPT8g_AACwheqPkeJfQ-PuPdEa4LoKx54pWotm5gJKKNEUghteVaSY02KVm7hV6ItQKBm9J57GDCmtmVxz06QleesChNtCyQMt-nvqW062IeB7cd1Y2MiBJjX2Ydy9kKyuMYqnMW3wck_1xMLajkV6RRGhaQAQ691heg5__rwXvk1g0Hetny1yKGk0UMKIhdGgZO6qMHJPVJd7tqqqXZnrUxK5bnQatUMt_uuUDx-w6F7pgdMClurFmLzjAXzbgEsXGoeHCarSNLB7llDvZT65QFVg4Os7IpTMo2c2fJUXXBeinpRoVDrHwHqdB_qg8PDpxEy2jfqyVGVnja0goLxILVXd-_MybM7rVL125x9Y88yMzrV09CG7_Yk2wsXhPTGTHfIQMPPMPC5IkFKFbl7Q98Ry7qiSRepASS2sc0RuwUm5IJZfOeEXC3qCJGJ-6NaYiVb6Y_k6UBkOlaGZZCmpWS9AAPGfGiFJUu1lc5A3VDpHaJTlzNBf8a1JELjUgQV6HvZmKZyd4RuICAlJ0fzS_X713P02f0snzp9FtuDwWKeyR7qsPk6dFeGz0ts1Yabn37c6-BXfGE0VHXrNvC2sHiSHQyrBy6WTvcgtmOtw9DfIOzx7yDtq-A69rplUp67FpUUOCvxYCe3Z31wPDGGR1b7wxpqsVSY2Rr-w_JjE&cid=CAQSGwBygQiDKHY_RHdtSAdlEXn2YBezIo05F-MDDhgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=0&iif=1&cor=6648248110078899000&adk=2753453199&idt=138&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
82475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:32:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 6E9E 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AH4NZyPk7Lur7hyvoF0rXatXqUWX1aoL0MHiInDedc3e9OpeaNW6DJE7-KhRujKd-F3dW74GCNtuSqUh-PfRpdal14qTRFVYeWD21yjaJ1_C2t856ySz9tUJ3rYFKH3eDjwEsh423d4RierOgEt3bilroazrcxFJHOMuRJfMnMAiKWp8k&cry=1&dbm_d=AKAmf-AGT8HuiSWmYx7PqT35sZIEbf4qG0vjB9zB_4U5skOu9ib7-zzYH0G7VfmPjozN_NhOe3Co2FSPF73tlGcdKmAZhCzr1F36wziaTJxEUtP9aPrGld4Ykd3gORMyGny3A4ujdXHBH0o9iUkfrOuWMMVJnYMwL7j427hyCh2Zd0ZZgGWjEzRqMK_0GuIHiE3imib0y5qcyoQavFeKJYW7MVYrno_F6aSvF4-KhBjyqMy3V4XR9KN0xLu8o20dbjVS06kzQIhyvq4xa2h0atbKRD9u1G_wGFDv3rO7FeLVXIJDeu4nuAA228w_y1KPloZo965xGCw6dufOimBQmzlwXGCyUvU1tTnFZCP0_xZbq0jYO8x4YntVJAhw5h7OpXs6cFTXm6nlwJPvU4HtAyNPdepd0QOvbl_ME_gLdJ5R4FC1opreCOh1HvttMwcopIZyvwEmEdshrHab7XqMVLa1JY69AbaF-Lgg_j2ivg7fxE_FqoTg1DPBGy3ZzCQz1z7L4-d7vWGXWYD6R4Vl6JgaTJZaNgTYR7Ew6Dzs-y926GnGpv8qAdr8r1QpQLlxmi8o4hs1WNfn1Z93WQ-BukUeLWipYeX7v3DSuCxUP4jIidTBgAKMjfH2RsZ1wU-DX_JZROqQgEL2uxO65XEfrzQdGOdsxHrO3DXVkcA7KRXnl6FuO0DbOOBLb4P13c_rkb3N6o9w2YMw_RMX8etwBtPgL6tdGSc7i9PR-gvkvCHT0zqkjWdqpRqIbeGupKPv1WTleW6u8Uok9nUC-mx8L_7UfuEAwoYc6NZOX7Egv4Ii1KwVgaHQTnM3-fLgpiDRVzRItujTQZxAPtpw66nU3LTPnKnf0hA2q-tb27pgoRYvfaxIRqQb_zXhPMga9YFYBO0C605Htp9mQEXTpDyiM91LoAM5v_WkDMdv-2UZyBKPsRKEqdfzicYn09z1hOE6wuOMpjorRGmLNrOVCPpmsg1uYgafk2ck-dqPwPGPYg9OJ9SF-P5affe656lBui4PdDdjksaT8n5Yh8i6xOSYvnr9_ZVDpxLwhyQM_UaLJj1WF9zlaSNPnKu6S6Ovw7vG6Qf-H99LEqCJ1XzPWGh8_aKQUfSuhyTuV50aBs_XoXEYsQsDZXgemexj0MpB8AwZoBBDEnk09fL6Xck8_6cVpEv0v1QSNb17VCpQJDEyt_pyUNVd6zaQyg1w33Y3IAWxGjRWD4Ax3yHU3MysJLgNSHDF4kWRF5625CmjQQV_8ine3aqZBhRU7-iGRmSpjO6pny5lf05okIQmX4ghSQNG2DFHydJ0F8ahKHmSQPAWlkd8HLwW2hLUDNV1SyNyb35HOpnsunTzHrIG2U9rvf_erPviveOsqPhs37I_O6xOvmBdD8pwecr1lyc3_m-bDOCcyFylekvzPLM-OydJ9H-o2NWudEnbU2XSD4zk_k1f6WCYmD_G1d1c88JkMelC9V9yslFrGZnBdHqdZgUWE3pvRXOnHlXfcvV_Z0ZE3h3J3XhAgNu96-5eT2JucRpZPdtnzbRMiQ6kV5eqSt3JdLWxFBfGblUTC01LHdLf5QOj8D5oWDKUlh0qZHMhHQGDp_hHXKAxL9y8eJuGuk3DBAg6ZBIp-OmOFxDBxLar5JKAGm6reuFRVpMPmd4UjiM198DvL8Fn2CYH8zxkBjU_vSb-txYEOCdhonX7jiLqaqe61d5soTMh0jhg2aRBJPsVNyGMg-kD0KzGwEYCr26ExN_pOlBd4ePxRKddf5M6SilmHGnqotYACKcRnsa3izN-XAc-9ANaTT0XsIR1UHM3krkQ9G0xrPhhTK5BLSMVQmy3zr3zbeEyoJHLopS6Je3jxEwL2h8H1ElKv3qaSfXyNWI3fWlWr2jZt7zHlOe1InPjSz3wZxQ_6PdX25GLnD7CCCNZFLSB7sCLCcaQRqbq2fA5Bk0oolznbcHg4R7DWu4lu1SUw4FdGOS5u0O8IEKQt7j7Twc5UY4PQ97Pp8WXh3Ha9mn4WX663xlahK6CreTt_4OFC1iajAYNvbw9a3j-m8xpzciZehbttnbW3lDtZsw0bo3rr9v-bcspKMtPL5jZdWVyzaIXbFJHnvQ18IBAAKTKYhcU9K_BfDuI_NblBGRl3Cug1vn8jmTPUtzjmNP3DBEpmn7bb4YUl8iKhM-Wt0eK3ExxYE6lkg-EJ4Si8qdy9pT9NVUlZejf1Kh4Yl1wyh9MZhigdYbuCDHmHNtkfgEUxYWuQEMGnKir7MGBQCWlWD-RFGSz52Qu2P4YLSzNqkqbAz_w-4zzisQPhPfLN8LMslcEgZEVPIZhU0VYxG6AUmkb6LcK7g0SF-E8jM9n12ulcAaZ8WBusurrSQPP_3LbnimQAtUm_8Q8jPoVWWkMz_yraDIKz23Fz1ga-Ud0CF5CP1zJ2tUF8dBbDV5AT-hUF-lC7HI9qIfjEa6F_oJ95XHdr7uUKSHzBRpr7SGfNrFWnetjjFlRdaIqX2w4cbbItXNqw6yLdCsSF3Y5R8syTLmuqOmIHzyxtpPiZEp-GrPzVh6aLSmQ-zulgmpDSks9zE928znAZ_0FoKLM5OQckxvwgD4mLk1IoXMyl3b_Zx6rVRyhU2POBfK3GFaHrOgGXcZRdx9ky31SvuMmRBVyLRsCzhQF2hrzmnQsfUWOeZ6bxP2UMgoVatk88V2cX8dpO4DlQ7CP0LDUBa8echjGFVc9siTbopTlStci2rFXjbAo6mUziUKjpyebJEGVWSUS2TQR9ic9OZhZ6x91b55adgse15rSw2kvJ1gJH9uoV1WwAEJo2CKQVSFVgoPYdIIQn_sxmQFJwpytldXaKuGTbcYeEr67sAaoNmjiT2Dui7W1Btq9FewAHrEpYv4JWqb_N2rRuFv07Uj7mgqZQkz9xTgfPuhkSheBax18miR7hfbhlUo0R7Z_G5tHrYzVxY7AhavhvebeqRv2UEPT8g_AACwheqPkeJfQ-PuPdEa4LoKx54pWotm5gJKKNEUghteVaSY02KVm7hV6ItQKBm9J57GDCmtmVxz06QleesChNtCyQMt-nvqW062IeB7cd1Y2MiBJjX2Ydy9kKyuMYqnMW3wck_1xMLajkV6RRGhaQAQ691heg5__rwXvk1g0Hetny1yKGk0UMKIhdGgZO6qMHJPVJd7tqqqXZnrUxK5bnQatUMt_uuUDx-w6F7pgdMClurFmLzjAXzbgEsXGoeHCarSNLB7llDvZT65QFVg4Os7IpTMo2c2fJUXXBeinpRoVDrHwHqdB_qg8PDpxEy2jfqyVGVnja0goLxILVXd-_MybM7rVL125x9Y88yMzrV09CG7_Yk2wsXhPTGTHfIQMPPMPC5IkFKFbl7Q98Ry7qiSRepASS2sc0RuwUm5IJZfOeEXC3qCJGJ-6NaYiVb6Y_k6UBkOlaGZZCmpWS9AAPGfGiFJUu1lc5A3VDpHaJTlzNBf8a1JELjUgQV6HvZmKZyd4RuICAlJ0fzS_X713P02f0snzp9FtuDwWKeyR7qsPk6dFeGz0ts1Yabn37c6-BXfGE0VHXrNvC2sHiSHQyrBy6WTvcgtmOtw9DfIOzx7yDtq-A69rplUp67FpUUOCvxYCe3Z31wPDGGR1b7wxpqsVSY2Rr-w_JjE&cid=CAQSGwBygQiDKHY_RHdtSAdlEXn2YBezIo05F-MDDhgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=0&iif=1&cor=6648248110078899000&adk=2753453199&idt=138&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
82518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:32:10 GMT
49c334c86f5c1c400299db62ec4b4a48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67d1eff4187776692400cf818ac90e2eb32115720d8a6cf2fdd1a355802d4fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49c334c86f5c1c400299db62ec4b4a48.jpg
age
3048410
edge-cache-tag
385600290543437185772783954609302191142,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
385600290543437185772783954609302191142,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
613
req-referer
https://cocbases.com/th11-base-link/
content-length
7444
x-request-id
cfc3396808601d4a584be59dd68096d9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100106-IAD, cache-iad-kcgs7200156-IAD, cache-lax10642-LGB, cache-iad-kiad7000084-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 21 Mar 2023 22:08:31 GMT
server
nginx
x-timer
S1682522848.186343,VS0,VE0
etag
"c53015cd1cb9c131887dc6be4c2cb499"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 19, 2
truncated
/ Frame 7D5D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
552041e48635f37e185eb603ac572b8b4e9978e95a4aefebf5115fd0ac2cb14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=1b148605367581fe15d18451341fcd9c&sd=v2_bd71173f20988df7c1db47b4976543fa_1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e_1682522846_1682522847_CIi3jgYQ8-NDGPjmtPH7MCABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABowPup8duG3vbwAXAA&ui=1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e&pi=/&wi=-1709852854480885386&pt=home&vi=1682522846072&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1682522848200%7D&tim=15%3A27%3A28.200&id=3549&llvl=2&cv=20230420-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
4f40df7a253972dd85bbf8b75ca94b47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f40df7a253972dd85bbf8b75ca94b47.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04b98cc04aa55c6e947d489b64addfee0bef309aa546824b1c9c75e1ec2bd0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f40df7a253972dd85bbf8b75ca94b47.jpg
age
3002606
edge-cache-tag
630368363784481036990648515797078232260,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
630368363784481036990648515797078232260,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
196
expiration
expiry-date="Fri, 31 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://load.ultrasurfing.com/news/
content-length
73012
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100106-IAD, cache-chi-kigq8000052-CHI, cache-iad-kiad7000082-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 28 Feb 2023 10:00:32 GMT
server
nginx
x-timer
S1682522848.219425,VS0,VE2
etag
"e320852f71b7c0f0cd19d34c91b1d5dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 1
6cfa448794ea189827e3c5c70b3e18a2.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_613,y_488/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_613,y_488/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cfa448794ea189827e3c5c70b3e18a2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5a22024876fea7d745e8ed4e6ab57125c187ac5cc2daab9e04255d2707eae21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_613,y_488/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cfa448794ea189827e3c5c70b3e18a2.jpg
age
1131007
edge-cache-tag
304893020472290177517751531123863051560,383049194995521733229400757664728860696,29ecf9b93bbf306179626feeda1fab70
cache-tag
304893020472290177517751531123863051560,383049194995521733229400757664728860696,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
845
req-referer
https://dl.gmx.net/
content-length
23182
x-request-id
2a2d7eacb9c58130da66496f93179dd3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kjyo7100153-IAD, cache-lax10636-LGB, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 11 Apr 2023 15:58:00 GMT
server
nginx
x-timer
S1682522848.225976,VS0,VE1
etag
"d54a9672ecb007818d31794fb03000ed"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
ef673b44c8958613e3e308bad95432b3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef673b44c8958613e3e308bad95432b3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24ffbb0f8d6b247d929cbeec75000703a3a04695323cec5c2ddbfad6fcf6cb5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef673b44c8958613e3e308bad95432b3.jpg
age
1032146
edge-cache-tag
548417265422015060570471374399216809679,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
548417265422015060570471374399216809679,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
86
req-referer
https://www.cnbc.com/
content-length
14818
x-request-id
114427569eee0eb31dcd92ee9f2c9370
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100113-IAD, cache-iad-kcgs7200040-IAD, cache-chi-klot8100114-CHI, cache-iad-kcgs7200078-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 14 Apr 2023 14:09:02 GMT
server
nginx
x-timer
S1682522848.225992,VS0,VE6
etag
"f122850c42939d1ce6823bce0548160b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 147, 1
225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac620699086f9dd7de888f4c53c52d64a623ae218b2b739ae8d6373e9baf3beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age
1322413
edge-cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gamesradar.com/
content-length
25422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100048-IAD, cache-lga21934-LGA, cache-iad-kjyo7100153-IAD, cache-fra-eddf8230022-FRA
last-modified
Mon, 27 Mar 2023 10:19:03 GMT
server
nginx
x-timer
S1682522848.246094,VS0,VE1
etag
"ffbb4f2f516348d2d91eea4af6797e09"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4400, 1
8cbb9eb5e29a1ab5f88f46d72a878cd1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cbb9eb5e29a1ab5f88f46d72a878cd1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdba0a6dcecf9e71166cd25f1edbdaa503d5f9daaca1ee609e8516723aa21e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cbb9eb5e29a1ab5f88f46d72a878cd1.jpg
age
1032171
edge-cache-tag
518841758251000878122664468035258391162,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
518841758251000878122664468035258391162,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
390
req-referer
https://sports.ndtv.com/
content-length
8542
x-request-id
e5081cce55f88ed3562e2fe81f64be64
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200160-IAD, cache-iad-kcgs7200074-IAD, cache-chi-kigq8000141-CHI, cache-iad-kcgs7200040-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 14 Apr 2023 14:07:46 GMT
server
nginx
x-timer
S1682522848.249319,VS0,VE1
etag
"6891bbb12cc0dfc6a144a62e6e7a7dce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1936, 1
b4812697f484040f520e7565606d90cc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b4812697f484040f520e7565606d90cc.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
db1667a1767ab748b1fc0d11afa86c01d330e28596507e3d69a68a814f1671c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b4812697f484040f520e7565606d90cc.png
age
6049130
edge-cache-tag
540770107261199872602461334425518508848,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
540770107261199872602461334425518508848,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
180
expiration
expiry-date="Sun, 12 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://pplus.ynet.co.il/paparazzi
content-length
8430
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kcgs7200097-IAD, cache-bur-kbur8200030-BUR, cache-iad-kcgs7200021-IAD, cache-fra-eddf8230022-FRA
last-modified
Thu, 09 Feb 2023 09:48:36 GMT
server
nginx
x-timer
S1682522848.249351,VS0,VE1
etag
"392a0f4a64fcd1f203a457e9ef22cbb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 123, 1
01ae6c65869e129d2a320714103ddc12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01ae6c65869e129d2a320714103ddc12.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
366880a2cd2848131cb136b871d81abbb5496b2c972bfde6f6c3179735235e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01ae6c65869e129d2a320714103ddc12.jpg
age
719211
edge-cache-tag
448434003118764312882296438086708452494,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
448434003118764312882296438086708452494,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
429
req-referer
https://ultrasurfing.com/
content-length
51800
x-request-id
e547a673bae46b1c5bc1e63e9536e45a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100077-IAD, cache-iad-kjyo7100174-IAD, cache-chi-klot8100093-CHI, cache-iad-kjyo7100135-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 18 Apr 2023 07:38:12 GMT
server
nginx
x-timer
S1682522848.255271,VS0,VE2
etag
"8f075f860be063110c46f68a9e4d148d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 24, 1
be7ce75336ff98d978f60a1f3b0b4c12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be7ce75336ff98d978f60a1f3b0b4c12.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
13dedcd4ce3549c07e1e14ce874c0105d8d335ccf5abd552b0cbb0f65d9e8dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be7ce75336ff98d978f60a1f3b0b4c12.jpg
age
1125693
edge-cache-tag
613596851662274880702841692821624807522,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
613596851662274880702841692821624807522,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1532
req-referer
https://flytant.com/
content-length
19692
x-request-id
2c1d8d982c7676b1990aa87906aca03b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100113-IAD, cache-chi-kigq8000134-CHI, cache-iad-kcgs7200028-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 05 Apr 2023 13:22:52 GMT
server
nginx
x-timer
S1682522848.256195,VS0,VE1
etag
"134b16d58312fc8d91e49ab6a41f983f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 189, 1
f5b4abcb69a0972461102a1211b357bd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5b4abcb69a0972461102a1211b357bd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c76f4a9d4dd6b74fb4030a555789ffc7e6b57c9c131b281702a95d5dbbe48ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5b4abcb69a0972461102a1211b357bd.jpg
age
1822267
edge-cache-tag
624820021917003069993274619182512787948,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
624820021917003069993274619182512787948,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
176
expiration
expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/
content-length
6848
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200070-IAD, cache-iad-kjyo7100047-IAD, cache-lax10648-LGB, cache-iad-kiad7000179-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 21 Mar 2023 14:32:22 GMT
server
nginx
x-timer
S1682522848.258883,VS0,VE0
etag
"759bdcf492df08d4a5eb202421c50bdc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 101, 2
49e30cfb47e21c67f25095d2d7f086a6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3eb1dcd0e74495f84822ba68bc239aa63c0fcf043c4f050988fa66e8e8ce9e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
age
2428348
edge-cache-tag
594755705797379670550579562063071952825,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
594755705797379670550579562063071952825,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
206
expiration
expiry-date="Sat, 08 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://home2.ultrasurfing.com/
content-length
44420
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200134-IAD, cache-iad-kiad7000172-IAD, cache-lax10638-LGB, cache-iad-kjyo7100032-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 08 Mar 2023 07:50:04 GMT
server
nginx
x-timer
S1682522848.260447,VS0,VE1
etag
"2a1f52e7933a7d56f9305e07541d1b79"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 124, 1
852ea4fccf91347a6d46076162c3d5f2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/852ea4fccf91347a6d46076162c3d5f2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a40db77b7ee185ea8aa8764eaca37df8760e2f17864b2e34b083580594c3b23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/852ea4fccf91347a6d46076162c3d5f2.jpg
age
452976
edge-cache-tag
362493024423800341070329193208323191403,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
362493024423800341070329193208323191403,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
524
req-referer
https://www.insight.co.kr/news/436353?fbclid=IwAR1rDU-OJbsxUwF_PArWiWPzgSuhKoYywt8uxDugG-U0Q20hruPTjzsLL6w
content-length
23684
x-request-id
4db5db5359b4d2cb887e65313817728b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100022-IAD, cache-iad-kiad7000139-IAD, cache-lax10656-LGB, cache-iad-kjyo7100066-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 21 Apr 2023 08:21:00 GMT
server
nginx
x-timer
S1682522848.261698,VS0,VE4
etag
"438a92f712a375bbad15484f372165a1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
030a5d886a4268c7c31f5c6ae11daefd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/030a5d886a4268c7c31f5c6ae11daefd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6276b58eeacc0f6c5c05d4d113c6e0ab0cc6004cf6a0df18df2d0396f1819b16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/030a5d886a4268c7c31f5c6ae11daefd.jpg
age
944458
edge-cache-tag
525497743208257157767033601979609771204,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
525497743208257157767033601979609771204,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
731
req-referer
https://www.tips-and-tricks.co/
content-length
52908
x-request-id
20c53de3a327631107330c98a99fed38
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000028-IAD, cache-iad-kiad7000153-IAD, cache-lga21933-LGA, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230022-FRA
last-modified
Sat, 15 Apr 2023 10:56:03 GMT
server
nginx
x-timer
S1682522848.270625,VS0,VE1
etag
"a86700beae6c895e937e9b289de0a5f0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 46, 1
43c6be18adc7b3a313ed18d400491de7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c6be18adc7b3a313ed18d400491de7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7843548832366940bed0c48b1c39df67280f78aee7c0ddc815751a8bec202f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c6be18adc7b3a313ed18d400491de7.jpg
age
1898863
edge-cache-tag
335761690577131517821100119639240908415,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
335761690577131517821100119639240908415,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
292
req-referer
https://www.tipsandtricksjapan.com/%E6%A7%98%E3%80%85%E3%81%AA/sportspics/7/
content-length
22046
x-request-id
805ffe5603f01234f46339b9b9f4b506
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200027-IAD, cache-lax10633-LGB, cache-iad-kiad7000048-IAD, cache-fra-eddf8230022-FRA
last-modified
Sat, 01 Apr 2023 02:48:45 GMT
server
nginx
x-timer
S1682522848.270580,VS0,VE3
etag
"9982082f83885e3d4725b8182b3a9553"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 18, 1
604f64db35ad7d8e32fc4a7cffa729ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12c9ac55dbbb5a001ce96ef809fa7d647a07235dbbbbc72aac8a5adf7da7d63f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age
2525878
edge-cache-tag
380932827776598572844696039841441315722,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
380932827776598572844696039841441315722,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Wed, 26 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bhg.com.au/arnotts-iced-vo-vo-recipe
content-length
25530
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200147-IAD, cache-iad-kiad7000126-IAD, cache-chi-klot8100099-CHI, cache-iad-kiad7000162-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 26 Mar 2023 19:29:32 GMT
server
nginx
x-timer
S1682522848.270505,VS0,VE2
etag
"409464c4e159e73a56c214530879fb54"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 91, 1
vevent
fra1-ib.adnxs.com/ Frame 7D5D 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLxBuhxAwAAAwDWAAUBCN6FpaIGEPPah-_PgorHIBgAKjYJzWUgICV7ij8RtmC4ETAoiT8ZAAAAIIXr0T8htg0SACkRJMgxAAAAQOF6pD8ww-eTDTinPUC1XkjjA1C6iYq2AVjMzk1gAGjC4GZ4AIABAYoBA1VTRJIFBvBbmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIZaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDF6ADAaoD-wIKpQIRLxR3d3cuYmkNK_BeYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MmNjNDYxMzQtN2RjYy00ZWRlLTgwZTctZjBmYTJkZTY0ODIwJmNtRXhwSWQ9VjMmb0EyRABUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOklkAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc1ODc1MjMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgF6emYlM0Fhbmd2aXJxdmZjeW5sJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM0NTg1NjUyNjUzMDUwNjA5OSIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05EYzJNakk0TlRZNE16TTPAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWbqNP_oOivvDnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AVw-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAABUl0AAAQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JDSMFJAzaBwYIBQlo4AcA6gcCCADwB6HBAooIAhAAlQgAAIA_mAgB&s=96e20b9d3bd6d773e8a76dd5ea0024d7fc72adb3&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=3488233201378752803&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587523&sw=1600&sh=1200&pw=1600&ph=6356&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:28 GMT
AN-X-Request-Uuid
da1563cc-4b3a-421a-9109-3a5d49b5a255
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
th
www.bing.com/ Frame 7D5D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OPE.wrA%2brwxkNX4AUA300C300&pid=21.1&w=100&h=100&c=17
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
337645bd51778fdb8a0b67f632c48007ade2265186915085e3cb4dd1d645b9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.13d53e17.1682522848.1df32c2f
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
2097
alt-svc
h3=":443"; ma=93600
bulk
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
14
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522848.340597,VS0,VE14
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
g58n7ttewumnsgemmkx5.mp4
cdn.taboola.com/libtrc/static/video/v1680770410/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1680770410/g58n7ttewumnsgemmkx5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
mKEvkdgCAZpv8wH0Nb6JK5AKPzX3gP_E
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
9E829PE6Z8M08HRZ
age
77
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1133441/1133442
x-amz-replication-status
COMPLETED
Content-Length
1133442
x-amz-id-2
VREgEOVS9BT1WjuM+LAf0+A8jA6Me/bS3CMskTa39WYnRwFTyFABKQJJaf3nbmQdIPBBhFrR+wA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Thu, 06 Apr 2023 08:40:20 GMT
server
AmazonS3
x-timer
S1682522848.340043,VS0,VE1
etag
"5cdc25693b01a36bfabe5203c9f55c70"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
tkj89jlwfbbh3kjigpqe.mp4
cdn.taboola.com/libtrc/static/video/v1680769831/ 		562 KB
563 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1680769831/tkj89jlwfbbh3kjigpqe.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8157c627685ef9620478a64c85ada02d6d1771620b29c7c33856ec70381d288

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
T44UNTGLygMlVkYgztlx610SqsUiDIH1
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
GRR7JFV473VV4MSV
age
5
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-575765/575766
x-amz-replication-status
COMPLETED
Content-Length
575766
x-amz-id-2
wRANQjFOtSoxcbjOp+DpxN+t2pz8wzC/vLb9dLOeHV5ZmqyhZuU8FnypOhuYdikNdB8QYNQoXZg=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Thu, 06 Apr 2023 08:30:39 GMT
server
AmazonS3
x-timer
S1682522848.340027,VS0,VE2
etag
"357fadaae9648c9a978abf519c6579cb"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
spdi9xrjijwpj6cd3snx.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1681726569/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1681726569/spdi9xrjijwpj6cd3snx.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
228935d212c1f330fe0795c096da16ddb1da86d049fc8b9106362f3ce436836e

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
OPm4S4BpQduitxH8SCdCqwVLOcIFBfqc
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
K29YBFASQPP7PBQ4
age
23
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1177354/1177355
x-amz-replication-status
COMPLETED
Content-Length
1177355
x-amz-id-2
8MtuHvJDyvhG86GDXWBkOryXzx2AeLTULVgKkcC9RxBBSChPTb4ZV9oRVM8OY1N8bxU82CbMB88=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 17 Apr 2023 10:16:30 GMT
server
AmazonS3
x-timer
S1682522848.340081,VS0,VE3
etag
"8c4a93bf853138d94ae1e81001d9a09c"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sbfcvda1gqwcij41gdnv.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/ 		303 KB
303 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/sbfcvda1gqwcij41gdnv.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
NHwYfLNYVEAbRmtYbe2mDdvej_0WkCnZ
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
V5BH1CYAFRC086QM
age
0
x-cache
HIT
Content-Range
bytes 0-310206/310207
x-amz-replication-status
COMPLETED
Content-Length
310207
x-amz-id-2
SYr0gLwug5SSGZm8Ua4lfgPcnipdy08STuRUs2GBrgh+cFlHGIGKDJJF7GtHyq9ka24zgmZclgE=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 15 Jun 2022 10:44:31 GMT
server
AmazonS3
x-timer
S1682522848.391430,VS0,VE154
etag
"c54599e9c7c442de75cbb6db4644fb1e"
content-type
video/mp4;codecs=avc1
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522848.405994,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522848.406073,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 4BAF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1682522847916&uv=3270&tms=1682522847916&abt=nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9f6497dc-fdae-4d99-a537-ec533864f25d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
%USER_ID%
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4BAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1682522847916&uv=3270&tms=1682522847916&abt=nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9f6497dc-fdae-4d99-a537-ec533864f25d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:66be:b78c:9970:b3c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pd
google-bidout-d.openx.net/w/1.0/ Frame DB4B 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 26 Apr 2023 15:27:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_7_0/infra/ 		899 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
203316af71b5e6266f6b921ce23ebf03baa8bcb293645da6b9c78718d6c6def7

Request headers

Referer
https://ultrasurfing.com/
Origin
https://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327252
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FEM9C9Z2G07348RP
age
195464
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327253
x-amz-meta-mode
33188
content-length
150749
x-amz-id-2
AbOknE//iPKn3JK165/Qwdu+8n1rcdoHCD62PX0PGb/frZoCyvNZjOtwP2A35P18ZLmKW1ZdDsY=
x-served-by
cache-fra-eddf8230037-FRA
last-modified
Mon, 24 Apr 2023 09:07:34 GMT
server
AmazonS3-br
x-timer
S1682522849.505954,VS0,VE0
etag
"67ba61c1bb660235d1f24f85a1e08a06"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
114770
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_0/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327271
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FEMCKBWGSK15G9Z4
age
195464
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327271
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
ATBtUTYdsfjs4gnNnIL/LqTZrgU7HVVyruC0+5/sTO37DKNBdLr64+Gep0dQ0l89BXNzdpBzfTA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 24 Apr 2023 09:07:52 GMT
server
AmazonS3-br
x-timer
S1682522848.442607,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
152195
generic
match.adsrvr.org/track/cmf/ Frame 5940 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
%USER_ID%
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5940 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:66be:b78c:9970:b3c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
4f40df7a253972dd85bbf8b75ca94b47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f40df7a253972dd85bbf8b75ca94b47.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04b98cc04aa55c6e947d489b64addfee0bef309aa546824b1c9c75e1ec2bd0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f40df7a253972dd85bbf8b75ca94b47.jpg
age
3002606
edge-cache-tag
630368363784481036990648515797078232260,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
630368363784481036990648515797078232260,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
196
expiration
expiry-date="Fri, 31 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://load.ultrasurfing.com/news/
content-length
73012
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100106-IAD, cache-chi-kigq8000052-CHI, cache-iad-kiad7000082-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 28 Feb 2023 10:00:32 GMT
server
nginx
x-timer
S1682522849.505803,VS0,VE0
etag
"e320852f71b7c0f0cd19d34c91b1d5dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 2
6cfa448794ea189827e3c5c70b3e18a2.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_613,y_488/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_613,y_488/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cfa448794ea189827e3c5c70b3e18a2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5a22024876fea7d745e8ed4e6ab57125c187ac5cc2daab9e04255d2707eae21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_613,y_488/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cfa448794ea189827e3c5c70b3e18a2.jpg
age
1131007
edge-cache-tag
304893020472290177517751531123863051560,383049194995521733229400757664728860696,29ecf9b93bbf306179626feeda1fab70
cache-tag
304893020472290177517751531123863051560,383049194995521733229400757664728860696,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
845
req-referer
https://dl.gmx.net/
content-length
23182
x-request-id
2a2d7eacb9c58130da66496f93179dd3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kjyo7100153-IAD, cache-lax10636-LGB, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 11 Apr 2023 15:58:00 GMT
server
nginx
x-timer
S1682522849.505802,VS0,VE0
etag
"d54a9672ecb007818d31794fb03000ed"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
ef673b44c8958613e3e308bad95432b3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef673b44c8958613e3e308bad95432b3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24ffbb0f8d6b247d929cbeec75000703a3a04695323cec5c2ddbfad6fcf6cb5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef673b44c8958613e3e308bad95432b3.jpg
age
1032146
edge-cache-tag
548417265422015060570471374399216809679,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
548417265422015060570471374399216809679,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
86
req-referer
https://www.cnbc.com/
content-length
14818
x-request-id
114427569eee0eb31dcd92ee9f2c9370
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100113-IAD, cache-iad-kcgs7200040-IAD, cache-chi-klot8100114-CHI, cache-iad-kcgs7200078-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 14 Apr 2023 14:09:02 GMT
server
nginx
x-timer
S1682522849.506424,VS0,VE0
etag
"f122850c42939d1ce6823bce0548160b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 147, 2
225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac620699086f9dd7de888f4c53c52d64a623ae218b2b739ae8d6373e9baf3beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age
1322413
edge-cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
602328860012357606151299032710582386322,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gamesradar.com/
content-length
25422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100048-IAD, cache-lga21934-LGA, cache-iad-kjyo7100153-IAD, cache-fra-eddf8230022-FRA
last-modified
Mon, 27 Mar 2023 10:19:03 GMT
server
nginx
x-timer
S1682522849.506098,VS0,VE0
etag
"ffbb4f2f516348d2d91eea4af6797e09"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4400, 2
8cbb9eb5e29a1ab5f88f46d72a878cd1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cbb9eb5e29a1ab5f88f46d72a878cd1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdba0a6dcecf9e71166cd25f1edbdaa503d5f9daaca1ee609e8516723aa21e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cbb9eb5e29a1ab5f88f46d72a878cd1.jpg
age
1032171
edge-cache-tag
518841758251000878122664468035258391162,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
518841758251000878122664468035258391162,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
390
req-referer
https://sports.ndtv.com/
content-length
8542
x-request-id
e5081cce55f88ed3562e2fe81f64be64
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200160-IAD, cache-iad-kcgs7200074-IAD, cache-chi-kigq8000141-CHI, cache-iad-kcgs7200040-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 14 Apr 2023 14:07:46 GMT
server
nginx
x-timer
S1682522849.506338,VS0,VE0
etag
"6891bbb12cc0dfc6a144a62e6e7a7dce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1936, 2
b4812697f484040f520e7565606d90cc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b4812697f484040f520e7565606d90cc.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
db1667a1767ab748b1fc0d11afa86c01d330e28596507e3d69a68a814f1671c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b4812697f484040f520e7565606d90cc.png
age
6049130
edge-cache-tag
540770107261199872602461334425518508848,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
540770107261199872602461334425518508848,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
180
expiration
expiry-date="Sun, 12 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://pplus.ynet.co.il/paparazzi
content-length
8430
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kcgs7200097-IAD, cache-bur-kbur8200030-BUR, cache-iad-kcgs7200021-IAD, cache-fra-eddf8230022-FRA
last-modified
Thu, 09 Feb 2023 09:48:36 GMT
server
nginx
x-timer
S1682522849.506059,VS0,VE0
etag
"392a0f4a64fcd1f203a457e9ef22cbb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 123, 2
01ae6c65869e129d2a320714103ddc12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01ae6c65869e129d2a320714103ddc12.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
366880a2cd2848131cb136b871d81abbb5496b2c972bfde6f6c3179735235e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01ae6c65869e129d2a320714103ddc12.jpg
age
719211
edge-cache-tag
448434003118764312882296438086708452494,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
448434003118764312882296438086708452494,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
429
req-referer
https://ultrasurfing.com/
content-length
51800
x-request-id
e547a673bae46b1c5bc1e63e9536e45a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100077-IAD, cache-iad-kjyo7100174-IAD, cache-chi-klot8100093-CHI, cache-iad-kjyo7100135-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 18 Apr 2023 07:38:12 GMT
server
nginx
x-timer
S1682522849.537773,VS0,VE0
etag
"8f075f860be063110c46f68a9e4d148d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 24, 2
be7ce75336ff98d978f60a1f3b0b4c12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be7ce75336ff98d978f60a1f3b0b4c12.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
13dedcd4ce3549c07e1e14ce874c0105d8d335ccf5abd552b0cbb0f65d9e8dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be7ce75336ff98d978f60a1f3b0b4c12.jpg
age
1125693
edge-cache-tag
613596851662274880702841692821624807522,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
613596851662274880702841692821624807522,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1532
req-referer
https://flytant.com/
content-length
19692
x-request-id
2c1d8d982c7676b1990aa87906aca03b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100113-IAD, cache-chi-kigq8000134-CHI, cache-iad-kcgs7200028-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 05 Apr 2023 13:22:52 GMT
server
nginx
x-timer
S1682522849.537758,VS0,VE0
etag
"134b16d58312fc8d91e49ab6a41f983f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 189, 2
f5b4abcb69a0972461102a1211b357bd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5b4abcb69a0972461102a1211b357bd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c76f4a9d4dd6b74fb4030a555789ffc7e6b57c9c131b281702a95d5dbbe48ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f5b4abcb69a0972461102a1211b357bd.jpg
age
1822267
edge-cache-tag
624820021917003069993274619182512787948,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
624820021917003069993274619182512787948,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
176
expiration
expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/
content-length
6848
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200070-IAD, cache-iad-kjyo7100047-IAD, cache-lax10648-LGB, cache-iad-kiad7000179-IAD, cache-fra-eddf8230022-FRA
last-modified
Tue, 21 Mar 2023 14:32:22 GMT
server
nginx
x-timer
S1682522849.537758,VS0,VE0
etag
"759bdcf492df08d4a5eb202421c50bdc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 101, 3
49e30cfb47e21c67f25095d2d7f086a6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3eb1dcd0e74495f84822ba68bc239aa63c0fcf043c4f050988fa66e8e8ce9e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49e30cfb47e21c67f25095d2d7f086a6.jpg
age
2428348
edge-cache-tag
594755705797379670550579562063071952825,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
594755705797379670550579562063071952825,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
206
expiration
expiry-date="Sat, 08 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://home2.ultrasurfing.com/
content-length
44420
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200134-IAD, cache-iad-kiad7000172-IAD, cache-lax10638-LGB, cache-iad-kjyo7100032-IAD, cache-fra-eddf8230022-FRA
last-modified
Wed, 08 Mar 2023 07:50:04 GMT
server
nginx
x-timer
S1682522849.538197,VS0,VE0
etag
"2a1f52e7933a7d56f9305e07541d1b79"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 124, 2
852ea4fccf91347a6d46076162c3d5f2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/852ea4fccf91347a6d46076162c3d5f2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a40db77b7ee185ea8aa8764eaca37df8760e2f17864b2e34b083580594c3b23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/852ea4fccf91347a6d46076162c3d5f2.jpg
age
452976
edge-cache-tag
362493024423800341070329193208323191403,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
362493024423800341070329193208323191403,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
524
req-referer
https://www.insight.co.kr/news/436353?fbclid=IwAR1rDU-OJbsxUwF_PArWiWPzgSuhKoYywt8uxDugG-U0Q20hruPTjzsLL6w
content-length
23684
x-request-id
4db5db5359b4d2cb887e65313817728b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100022-IAD, cache-iad-kiad7000139-IAD, cache-lax10656-LGB, cache-iad-kjyo7100066-IAD, cache-fra-eddf8230022-FRA
last-modified
Fri, 21 Apr 2023 08:21:00 GMT
server
nginx
x-timer
S1682522849.538161,VS0,VE0
etag
"438a92f712a375bbad15484f372165a1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 2
030a5d886a4268c7c31f5c6ae11daefd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/030a5d886a4268c7c31f5c6ae11daefd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6276b58eeacc0f6c5c05d4d113c6e0ab0cc6004cf6a0df18df2d0396f1819b16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/030a5d886a4268c7c31f5c6ae11daefd.jpg
age
944458
edge-cache-tag
525497743208257157767033601979609771204,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
525497743208257157767033601979609771204,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
731
req-referer
https://www.tips-and-tricks.co/
content-length
52908
x-request-id
20c53de3a327631107330c98a99fed38
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000028-IAD, cache-iad-kiad7000153-IAD, cache-lga21933-LGA, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230022-FRA
last-modified
Sat, 15 Apr 2023 10:56:03 GMT
server
nginx
x-timer
S1682522849.538628,VS0,VE0
etag
"a86700beae6c895e937e9b289de0a5f0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 46, 2
43c6be18adc7b3a313ed18d400491de7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c6be18adc7b3a313ed18d400491de7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7843548832366940bed0c48b1c39df67280f78aee7c0ddc815751a8bec202f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43c6be18adc7b3a313ed18d400491de7.jpg
age
1898863
edge-cache-tag
335761690577131517821100119639240908415,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
335761690577131517821100119639240908415,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
292
req-referer
https://www.tipsandtricksjapan.com/%E6%A7%98%E3%80%85%E3%81%AA/sportspics/7/
content-length
22046
x-request-id
805ffe5603f01234f46339b9b9f4b506
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200027-IAD, cache-lax10633-LGB, cache-iad-kiad7000048-IAD, cache-fra-eddf8230022-FRA
last-modified
Sat, 01 Apr 2023 02:48:45 GMT
server
nginx
x-timer
S1682522849.563629,VS0,VE0
etag
"9982082f83885e3d4725b8182b3a9553"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 18, 2
604f64db35ad7d8e32fc4a7cffa729ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12c9ac55dbbb5a001ce96ef809fa7d647a07235dbbbbc72aac8a5adf7da7d63f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age
2525878
edge-cache-tag
380932827776598572844696039841441315722,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
380932827776598572844696039841441315722,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Wed, 26 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bhg.com.au/arnotts-iced-vo-vo-recipe
content-length
25530
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200147-IAD, cache-iad-kiad7000126-IAD, cache-chi-klot8100099-CHI, cache-iad-kiad7000162-IAD, cache-fra-eddf8230022-FRA
last-modified
Sun, 26 Mar 2023 19:29:32 GMT
server
nginx
x-timer
S1682522849.564313,VS0,VE0
etag
"409464c4e159e73a56c214530879fb54"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 91, 2
usync.html
eus.rubiconproject.com/ Frame 15A0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1682522847916&uv=3270&tms=1682522847916&abt=nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9f6497dc-fdae-4d99-a537-ec533864f25d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Apr 2023 15:27:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6C1D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Apr 2023 15:27:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 26 Apr 2023 15:27:28 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3721
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1682522849.586214,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2061
aulus-160x600-DE.html
s0.2mdn.net/sadbundle/3990534231761056980/ Frame 037B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1aef345648ef3a54550a4e2006f778f2b366464ff865bfca1f61251067e9699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
380120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2381
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 05:52:08 GMT
expires
Sun, 21 Apr 2024 05:52:08 GMT
last-modified
Tue, 11 Apr 2023 12:04:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6E9E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbAfjwdvjHbOf6sa1X3crQxIcDWPPHQLReYkmYPTHfAAPZg4yfO-4_aGgivLsiXWYUqAsuqf4o1_i-2ZJNN5HUkViAhazHEONM7-TtdMbUOqzhMYeoUJ9ra6dCRHPpTq8KGpRjD7ixuOB76RrZw-ibP26XXasqRK1-&sai=AMfl-YRmoaksTPnU684TJyPnzv2dxq1isQMhlRmpMXx1tE5EkcwSp0ZO-L5mqJWKlde2YP3paOItyEQEEVmjnjrQg1NbiwmLsLm4-vO8uA&sig=Cg0ArKJSzLQPxuQphLjMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=492&cbvp=1&cstd=488&cisv=r20230420.88498&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 15:27:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6E9E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:45:22 GMT
rd_log
fra1-ib.adnxs.com/ Frame 6E9E 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKFBOgFAgAAAwDWAAUBCN6FpaIGEJqLk-fh9s2HWhgAKjYJflTDfk-skz8R_43Bs9Lejz8ZAAAA4FG4zj8h_w0SACkRJAAxCRuonj8wwOeTDTinPUC8CUhlUNfF4s0BWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG8LyYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC9v9b6gIZaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNcB3FiIBQGYBQCgBbzY5J7v8vrAZsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFucNP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG5EzaBhYKEAkRGQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTk4OTg2MTIwNDHIBwDSBw0VcAEyCNoHBgFpcBgA4AcA6gcCCADwB6HBAooIAhAAlQgAAIA_mAgB&s=df516ecc50ebfee8779efb91c079f7634816f93b&bdref=https%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fultrasurfing.com%2F,https%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:28 GMT
AN-X-Request-Uuid
f40f2ac6-31bb-48de-ab59-a4c3e354dc79
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6C1D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67be8949ea1e2eb3d6be5236e65700699724076121e6acbff4a3283740688115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 06:08:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52846
Connection
keep-alive
Content-Length
10019
Expires
Thu, 27 Apr 2023 06:08:14 GMT
usync.js
eus.rubiconproject.com/ Frame 15A0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67be8949ea1e2eb3d6be5236e65700699724076121e6acbff4a3283740688115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 06:08:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52846
Connection
keep-alive
Content-Length
10019
Expires
Thu, 27 Apr 2023 06:08:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6E9E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL_yQWWlv6mSEj393ViAT3acD8xEj6DoKvOoyd4ouaH5xJvGJPqMuKRMDUYiohLkCMDP1DQrDbdfgGfVGPWrHPx-UpN-YORSbCpDwJWVTBpGBLse27PT-Ok34zgzU9fToSifwmXhYynx0aR3kUGCQeZHCsq8ee7ISWVx611EVyzIv--6T3wRYfHEc91P2jclo-7R3q-cbIp1hY2lyr7ZwUhxVJLve_U0f-YM194cBRigLQ7pBRpnj9J52E5u1C6fDX-V5KOOB6iaVxdMvmZs3v4I-vdT9L1s5m3kJzMKQAEqmws0mpsWXmsEw9H74PZvaFh3J2iPnmr9jDEn69Yvi4RAWKBQPu&sai=AMfl-YQ2ea_ca5tbnBhGDOkyW1B5uLj0EYT3BSEx1bVnl0UpK2FIauzD3Rai1HAjiWLUANxJTFluMe7YMOLLdU_ArJa1EMS5dZh-dxA7pfa7gRp76B9xJlbfBGpaDrSru4bPBzeQ9q_Mvy9VQhPTh78&sig=Cg0ArKJSzApmWxF6FkzBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 15:27:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZFnhp705p1GgXfnJiy8khF5mxn4f5Amol7DDpdpNK8gPl_kKIHONPiEVPmnAeTpNyOpmlofmeiqGDZIE8G2WP4rubaMJgcUPd30GVDYnWS3NVmJ_7EeupfnVT0c2mTyh8spxUCPGTMQErAE6_sx0srdJcjqB36ckRLzDJjdktGrBMdChAD6XixZaudrk2AVc3DQytEFdEoGyxVbIH6VEiyv5NAxgmogCsrYFDy--dPQl8-ksL9DVAhcGXbDiPXM0hp-nAHweSHj8RGR3SZF7_q-AdmRYAjmP39mjBOQA2bVBK4uGnOE-sE7VBJM3I6soVgvxkcQ2MNLNYgMhZtANt5GFF&sai=AMfl-YR1-wIqxtxSFnKtB6heBAD6k926xjtRCYhIiKjwGselIACnBoeoxBPSR1lrMZrT0J7xzI8MNT1sZppvpk9Vc9s7p01vLGJGYfXzVI5Hml58yfZlo5thVrbbl_cNjjM2SzncYSBU-WAgjHafbl0&sig=Cg0ArKJSzIz42A94hAtVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 15:27:28 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 037B 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:27:28 GMT
aulus-160x600-DE.js
s0.2mdn.net/sadbundle/3990534231761056980/ Frame 037B 		143 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1663dc0e4bc933715687b61b19005d6eef20bd199c2cb866649097428f69cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 05:48:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553116
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14363
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:04:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Apr 2024 05:48:52 GMT
cm
tra.neodatagroup.com/ Frame A012 		1 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tra.neodatagroup.com/cm?sid=1&pv=MEDIAMATH&eid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&rt=img&rnd=1517244135435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 15:27:28 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
img
pixel.mathtag.com/misc/ Frame A012 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=497146&check=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&mop_top=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master zrh-pixel-x30 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:28 GMT
Server
MT3 830 785530e master zrh-pixel-x30 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 Apr 2023 15:27:27 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6C1D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LGXUNSTF-K-IE5Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:29 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2699391
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1682522849.127035,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
41990
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/ 		442 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
412930d5c0e70458a49866b0d7621325c81aa80e8674d25520c656f908268ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682154062
date
Wed, 26 Apr 2023 15:27:29 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
69EXT03AV8P6PZY4
age
368742
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682154074
x-amz-meta-mode
33188
content-length
85672
x-amz-id-2
DUeYPDzc9GXXEGToCYdBCBnEkBOyb4wvpwEkSe0GEK1b+ErFl1XvqG000B33mUEIFgKjMMREVkc=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sat, 22 Apr 2023 09:01:15 GMT
server
AmazonS3-br
x-timer
S1682522849.142247,VS0,VE0
etag
"9b2a5bec79742c442d1e12f994fa0c81"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
136953
sync
am-match.taboola.com/ Frame 133E 		383 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
194f63583d587ab293fe62247438e076750a9b2dc4e2e31581ef0ff4adcbb2f2

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 26 Apr 2023 15:27:29 GMT
machineid
3401
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&cmcv=&pix=31579697&cb=1682522849142&uv=3270&tms=1682522849142&su=3&abt=nonrv_vA!nrlc_vA!smbs!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:29 GMT
content-length
0
server
nginx
c.gif
www.bing.com/aes/ Frame 7D5D
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d4ec7a0-e9f4-4df5-b8ac-ec2044c6430e&cmExpId=V3&oAdUnit=391466&publisherId=162645330&rId=2cc46134-7dcc-4ede-80e7-f0fa2de64820&rlink...
  • https://www.bing.com/aes/c.gif?type=mv
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv
Protocol
H3
Server
2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC01BACD926A4C93B769C9AA1B70C8A0 Ref B: DUS30EDGE0418 Ref C: 2023-04-26T15:27:29Z
x-cdn-traceid
0.13d53e17.1682522849.1df33451
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 26 Apr 2023 15:27:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D386EFB42FE9452E8063A8250A6CE17C Ref B: FRAEDGE1522 Ref C: 2023-04-26T15:27:29Z
x-cdn-traceid
0.13d53e17.1682522849.1df332af
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
65
quic-version
0x00000001
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E1D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
342163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 16:24:46 GMT
expires
Sun, 21 Apr 2024 16:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 26 Apr 2023 15:27:29 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FRA60-P1
age
2559203
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1682522849.291834,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
x-cache-hits
72930
q2zvotynf-rrGx8t6QW3YQ
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 6C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/q2zvotynf-rrGx8t6QW3YQ?csrc=&gdpr=1&us_privacy=1---
0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/q2zvotynf-rrGx8t6QW3YQ?csrc=&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2a05:d018:d29:3602:66be:b78c:9970:b3c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/q2zvotynf-rrGx8t6QW3YQ?csrc=&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGXUNSTF-K-IE5Y&gdpr=1&us_privacy=1---
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGXUNSTF-K-IE5Y&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:28 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 59C80F9047D245D3A35CAF3F3D66A116 Ref B: FRAEDGE1410 Ref C: 2023-04-26T15:27:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6PuDJSZmP7ID/jw4rsg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGXUNSTF-K-IE5Y&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGMyNTRhZGUwMThhNzYzN2UyNDVjODJiNGI5MTRjMzY1YmM0OWNjMQ&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGMyNTRhZGUwMThhNzYzN2UyNDVjODJiNGI5MTRjMzY1YmM0OWNjMQ&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGMyNTRhZGUwMThhNzYzN2UyNDVjODJiNGI5MTRjMzY1YmM0OWNjMQ&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 6C1D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MMG4DDH5JFJC1SRC9VGZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JT7ED5W9Q8HCW9PY6BEH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdYVU5TVEYtSy1JRTVZ&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEJLH8iWc1tWSnGxTV260NZ0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdYVU5TVEYtSy1JRTVZ&google_push=&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdYVU5TVEYtSy1JRTVZ&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdYVU5TVEYtSy1JRTVZ&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 6C1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECit75K3ObPgefuqOa_QU-g&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECit75K3ObPgefuqOa_QU-g&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECit75K3ObPgefuqOa_QU-g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6C1D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6C1D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5VMH3SHG7F0MYKD35QCN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WC9TYX4BFE6SAP8PSB6D
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 26 Apr 2023 15:27:29 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2960
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1682522849.292424,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
31
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
13429
truncated
/ Frame 6E9E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83b8624fb455f1bc5eda860dbb548afd6787745c2b61cc302c267be143019538

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame 133E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
%USER_ID%
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 133E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:66be:b78c:9970:b3c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame 133E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.101.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-101-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
vevent
fra1-ib.adnxs.com/ Frame 6E9E 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKsC-isBQAAAwDWAAUBCN6FpaIGEJqLk-fh9s2HWhgAKjYJflTDfk-skz8R_43Bs9Lejz8ZAAAA4FG4zj8h_w0SACkRJAAxCRuonj8wwOeTDTinPUC8CUhlUNfF4s0BWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG9CkFmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAvb_W-oCGWh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA6YHCu8GaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DY0FNSzNrSkpaTE9vQ04tRWtkVVBxOXVtOEFUc3FNV2ZjTnFwLU9QV0VQZlNvcjNBQVJBQklPYVgxaVZnbGFLU2dxQUh5QUVKcVFKd3hwTVI4SWF5UHFnREFjZ0Rtd1NxQkpVQ1Q5Q1V0OFZ4a3h2SkZtVlZDSXdQZFpEQnVYbHRCZDRCNWRwVmIyNHVDeFdZM1VFVVNYdC01YjRrQ3pJQlJ2R3Z6aW9aemFTbmJ3bG9QZFhvZlJPVjFwbGdwdGQ0czVQZEszeTJoeDJUYjRQTnpubEVzQ3VmRFhvR1FaeUhfOERUTTdDTGxZZWt6R0RrYjRhd1VuSE15bTc0YlJ2eUlsV0JRMU1BVkxTZ2w0TlA2V09Ea3JRSkE1NWZaNkRTdnVtTFVseFlEdWtha2ZKaFlyb0NaVUN0MkNQV0NHMC1uVW1DbGRvYXBwOTNfTHV3UmpVcjM3aDh3cUNiaXFBNFJXUmZvMm1uZ3NNREhuTVVhTTdvZXZTOWp6TV9uUVgySEZMQ1VHcF9TYVZtamFDbEZnVmVzTTU4Yl9RZnNVbTR4ZE00X3hCYXZxM21yWUkyOXg4LTczY25GbjV5Wml4c2tIQTFqci1PZTh2dkVDTVpkM2daMzhBRTF1cll6YUFFNEFRRGlBWEo4cktRU3BJRkJnZ2RFQVFZQVpJRkJnZ2RFQUVZQVpJRkJnZ2VFQUVZQVpBR0FhQUdkNEFIeEx5SnF3T29CNDdPRzZnSGs5Z2JxQWZ1bHJFQ3FBZi1uckVDcUFla283RUNxQWZWeVJ1b0I2YS1HOWdIQVBJSENoQ01sZ0VZeGRPdjVnSFNDQkVJZ09HQUVCQUJHRjh5QXFvQ09nS0FRUElJRG1KcFpHUmxjaTAyTkRBM01USTBnQW9FeUFzQnNCUG1xX3dTeUJQTjJJemlBOWdUQ3RnVUFkQVZBWUFYQWJJWENBb0dDQUFTQUJnQTZCY0Ymc2lnaD1jaVdHZ19STXZnRSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURLSFlfUkhkdFNBZGxFWG4yWUJleklvMDVGLU1ERGhnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2NDg5NDY2ODQzMzcyNTA0NDc0Igk0MzE1MzA3MTEqBzQxMDU5MzE6CTQ4MzEyNTcwMcADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNfF4s0BiAUBmAUAoAW82OSe7_L6wGbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW5w0_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG5EzaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwsxOTg5ODYxMjA0McgHANIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHocECiggCEACVCAAAgD-YCAE.&s=0ae9c99ab3ad733f8189db71c5be3ec8eb333753&type=nv&nvt=5&jm=1003&px=325&py=487&bw=160&bh=600&sid=3488233201378752803&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587520&sw=1600&sh=1200&pw=1600&ph=6356&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:29 GMT
AN-X-Request-Uuid
fc9c2f5a-9850-4bcf-98a8-66a6dcd85622
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 7D5D 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLxBuhxAwAAAwDWAAUBCN6FpaIGEPPah-_PgorHIBgAKjYJzWUgICV7ij8RtmC4ETAoiT8ZAAAAIIXr0T8htg0SACkRJMgxAAAAQOF6pD8ww-eTDTinPUC1XkjjA1C6iYq2AVjMzk1gAGjC4GZ4AIABAYoBA1VTRJIFBvBbmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOAC1cRd6gIZaHR0cHM6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDF6ADAaoD-wIKpQIRLxR3d3cuYmkNK_BeYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MmNjNDYxMzQtN2RjYy00ZWRlLTgwZTctZjBmYTJkZTY0ODIwJmNtRXhwSWQ9VjMmb0EyRABUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOklkAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc1ODc1MjMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgF6emYlM0Fhbmd2aXJxdmZjeW5sJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM0NTg1NjUyNjUzMDUwNjA5OSIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05EYzJNakk0TlRZNE16TTPAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWbqNP_oOivvDnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AVw-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAABUl0AAAQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JDSMFJAzaBwYIBQlo4AcA6gcCCADwB6HBAooIAhAAlQgAAIA_mAgB&s=96e20b9d3bd6d773e8a76dd5ea0024d7fc72adb3&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=3488233201378752803&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587523&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:29 GMT
AN-X-Request-Uuid
ab622bb6-9f6a-4d55-a27e-a2a5bc23ba6a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
pagead2.googlesyndication.com/bg/ Frame 9E1D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 09:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14156
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 09:41:09 GMT
generate_204
tpc.googlesyndication.com/ Frame A598 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A9xBhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
aulus_160x600_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/3990534231761056980/images/ Frame 037B 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3990534231761056980/images/aulus_160x600_DE_atlas_1.jpg
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cb8933d9081293c7b1f6d16e831572b659dbe1b36979215387014e89fa099eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3990534231761056980/aulus-160x600-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:07:09 GMT
x-content-type-options
nosniff
age
1220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2131571
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:04:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Apr 2024 15:07:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6E9E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbAfjwdvjHbOf6sa1X3crQxIcDWPPHQLReYkmYPTHfAAPZg4yfO-4_aGgivLsiXWYUqAsuqf4o1_i-2ZJNN5HUkViAhazHEONM7-TtdMbUOqzhMYeoUJ9ra6dCRHPpTq8KGpRjD7ixuOB76RrZw-ibP26XXasqRK1-&sai=AMfl-YRmoaksTPnU684TJyPnzv2dxq1isQMhlRmpMXx1tE5EkcwSp0ZO-L5mqJWKlde2YP3paOItyEQEEVmjnjrQg1NbiwmLsLm4-vO8uA&sig=Cg0ArKJSzLQPxuQphLjMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1373&vt=11&dtpt=881&dett=3&cstd=488&cisv=r20230420.88498&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ultrasurfing.com
URL: https://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 15:27:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 15:27:29 GMT
/
pips.taboola.com/ 		4 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230037-FRA
date
Wed, 26 Apr 2023 15:27:29 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1682522850.688815,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 15:27:30 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E9E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSkKpQXSA-Bg-zxLb0LAOAZCop_i5p0Bktjog9Yexxm67NEiYxMR4K8i2Nd3vbQSgoKjtgAI0vauGzeN8FVtcyiUMttBjuUHI&sig=Cg0ArKJSzPVoTvTZD3oEEAE&id=lidar2&mcvt=1119&p=0,0,600,160&mtos=1119,1119,1119,1119,1119&tos=1119,0,0,0,0&v=20230424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=2753453199&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682522847397&rpt=1419&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E9E 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8aRr7GKBKPSl6yM_JBHJK7XxJQ9rjt0opOu5t7tK8V1nqTjsG9sDVRuNz6UKEN_7PhUBXfQVx2iBqo_wCWBoUvcSfmje5Hc712Dp1hmVAjK7HLzqZ&sig=Cg0ArKJSzC065A9e6GYbEAE&id=lidar2&mcvt=1122&p=487,325,1087,485&mtos=1122,1122,1122,1122,1122&tos=1122,0,0,0,0&v=20230424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=63753022&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682522847397&rpt=1400&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoD-QvtJUQ2WBeA17T3RLSY1LeD3C9re3VQpilLM3SNz-FIWylPlXDODLv4qtC72zk0ffv5aPCjUMsOQQUwFMdAaJk8DWF8vargiti_iB_jd_tgChi&sig=Cg0ArKJSzEr0htujwLqoEAE&id=lidar2&mcvt=1062&p=1110,436,1200,1164&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20230424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3365800529&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682522847413&rpt=1439&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=1155236521968776&bg=!NDelN2PNAAYfNdXmPzU7ADkAdvg8WlSdN4dhbDoajufxM7jopPgnxApfY4TH2CUM32p-71hHOO8lZOQ888i2wNW0C6XfrVgXkJwCAAAD2lIAAAAIaAEHCgCSSc9ocsbY0MhxUWb2HwA_hCe1eEMYqvArp_hTo4FxSWQblr3JMTdQ5_E20pzcifsAAz2fZ8xDVYEBFR9IXcGoXFbrphEJhOiTqQAwvcpUBA2YldqFe3THBqk1OZ6I2zEMtxYyQXdd3wGXhgbMwiSveRDWjFdDPKiLzPURhZI28vTYsTLIGcCj5mMeg6aGAndBAFqZAtr780j1ru9Xi9iBTmfBDjGlffTelmvysU0fljB0nVXqix0jdkV205rraqShfNwLW6xUg5RNzmX0HUXthPjaQOCO_5AEnUVjP0lQdxRQF9-XyvExpQLkXLZRVFhF11pdoI9ldzBDqTTI_CUmQKS4syJKC1dkAGMPg162biKxOKuwkWySgTSSV8FeOxKV0n4s5ND2sMb5MM7bmZtLtwuDdGSPPffJQYrlQLvGAZ94BOl9u0vrbAj5jJaNwRJLIs4dwjZAkkAzm3vdJrUK5R4HbSA6sJgmn1BFoihMxZkmgyhbMPCE3JhG789HmS-5tdazu3QfDl5VGxphg1e_nWMfR0ig8eykriuVADifmNvLcmdBAV0GnTxN9jpAD6vXUDQdsrPiXUtQlWUKQNgTM3y-mvyzUDFiexjUFyzr_AP3ZsnKNqnJK4pm0aFiNdaJeqTV5JsVeN4CycRjHS-3u7RD2TfWD2lvllkwT1V2OGJrEOY5ka2ktxBjr_kQhR8c7I0420pPBJayKrh3w7CB_93UVesEYmYxeLjLVkBqBqusG57f__7eXcgtZcM6vAJBx1TguGMldUamuo9B5ABz_pdHwVB6RgAgTlet4U2gSc2s7Jc1V--SHPAixFUhniJpLpVKakrQlFHKEF95Mz37r_Cq33nNM0nO4yaXD9k9DdWJH33XhcerUK5jL8W7v3HJ7b6cYeJk6zcgos0WaXlFoDUqWmbak4Nb5pas1PviA0fHDHhFRj_-mOcWphJiFyInzni3WUjW6hH-Y_hVVd0u6VuhmE5efZGOw98PE3Dl_214YWXZ43j0y7TteX09cnAPVNL8cZucKC-Styg2kdN_zQHdm2zmI-6TXlz9mSaqWrRTjxQ7jF5hM87s4_RrMLJay-PfsewUCTEiXXkYorQKKxkMUSseCmNpCGl4-_mjvpUTnocdZm6vin8NmOzupzLjXZ-zWspsGfaFcReJfB2T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E1D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6uTR30JJZKLLLZCO3wOklbmgDQAAAAA4AeAEAg&bg=!OjmlOW3NAAYfNdXmPzU7ADkAdvg8WgqQF8tN4Hk-aJG9C4BsF8BNc3xzS5OFadOmuYz-xHIIpMRCiSuHiYTu0-eykKZCn_qDLCYCAAACeFIAAAAFaAEHmQL53nDQ1UyZG_3oD1Kl15dl2PkvOp0XMSnBLY_N_oxaBIIc71QCI6IdmdR2xcClyqm785EFYikBVeXPrvm7M0SofuaIULRfLhc9kJgX8eJhi5vdMVcC35eKK-GFcgavCSzxir2HcGsjFiA2T0UGjebJ8mX5HBBlFbPggjm9p86GWNUDaXgdPRYB0badZ8-Y3ul2gWbAXWmZlCavQr_4mvM4D21GDSfcX1MSVO2aG-VzjHD2tB042JORkCgoZ7H4mGBK4DYoEtpdB3z6AdmMQus7txjZLbZiIn3HxAVbob7FGdGgjf09kCpAO_i8WFIRzpnDlWKWK1-j-rclBZGIVJ5ab5cQjQ4-yTCJ9UCnKrnqXWDOUsVetSik3rDAS4Oqh-X3NXyiQ_xYktuYQBpj5nwpBQbQJN7tej1YOz3bT_DQAu1uc3yKSx5S591tcDtt8e0Qbv0TX6Kvgfbm4Ik17uDyPTs5Y_EGWzHcouzjBzY3WqRkaDvcADBDuq8yAgVL4l7knzu2K_Tv56xvpzhc4FOMg9J7a3XdqElEwCFzssSIX3lM0nCnJgO7E1tclMDCBEAgFcJOS70d5299jgsdnqiiLTS5qJCaoKpNPNkaid7QKIhmtK505Ql5vfR14yjE_rSQ5rb7n4jXSnFkfe8Ygu6QFzKPL7WD-TAUeccyBykOUizaanYXwk3gzujsQk8SZXO9Npc6WavsFxn_hen5vvKZP-1cM9pDxswy7Hlpb_tXAkInoqtcvpb1VoxK8hmaHjeFKkrFUu6QsVJ61cN1EZyq4CngiFdNNuEvzYoBiFXkceuVe_tiH9RLFbnbd6u3639d8moFNUnIFpp8y5i85gslC8HwKnCIPRvEzk60JEUnWIflBIMLoTJW2Ysgbzo1P6vykuRlfrSmE4LvvRmOqHmEv_zJiq-_JzAvRzTdNY-7O1d9tHN7FcBNnvBjbMwRwYVf20Zvt9ph-fgsJuzJy9zmK0H0HqlYczBSDIMZXBAH4HXCO5a--YAyCgI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 6E9E 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKsC-isBQAAAwDWAAUBCN6FpaIGEJqLk-fh9s2HWhgAKjYJflTDfk-skz8R_43Bs9Lejz8ZAAAA4FG4zj8h_w0SACkRJAAxCRuonj8wwOeTDTinPUC8CUhlUNfF4s0BWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG9CkFmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAvb_W-oCGWh0dHBzOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA6YHCu8GaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DY0FNSzNrSkpaTE9vQ04tRWtkVVBxOXVtOEFUc3FNV2ZjTnFwLU9QV0VQZlNvcjNBQVJBQklPYVgxaVZnbGFLU2dxQUh5QUVKcVFKd3hwTVI4SWF5UHFnREFjZ0Rtd1NxQkpVQ1Q5Q1V0OFZ4a3h2SkZtVlZDSXdQZFpEQnVYbHRCZDRCNWRwVmIyNHVDeFdZM1VFVVNYdC01YjRrQ3pJQlJ2R3Z6aW9aemFTbmJ3bG9QZFhvZlJPVjFwbGdwdGQ0czVQZEszeTJoeDJUYjRQTnpubEVzQ3VmRFhvR1FaeUhfOERUTTdDTGxZZWt6R0RrYjRhd1VuSE15bTc0YlJ2eUlsV0JRMU1BVkxTZ2w0TlA2V09Ea3JRSkE1NWZaNkRTdnVtTFVseFlEdWtha2ZKaFlyb0NaVUN0MkNQV0NHMC1uVW1DbGRvYXBwOTNfTHV3UmpVcjM3aDh3cUNiaXFBNFJXUmZvMm1uZ3NNREhuTVVhTTdvZXZTOWp6TV9uUVgySEZMQ1VHcF9TYVZtamFDbEZnVmVzTTU4Yl9RZnNVbTR4ZE00X3hCYXZxM21yWUkyOXg4LTczY25GbjV5Wml4c2tIQTFqci1PZTh2dkVDTVpkM2daMzhBRTF1cll6YUFFNEFRRGlBWEo4cktRU3BJRkJnZ2RFQVFZQVpJRkJnZ2RFQUVZQVpJRkJnZ2VFQUVZQVpBR0FhQUdkNEFIeEx5SnF3T29CNDdPRzZnSGs5Z2JxQWZ1bHJFQ3FBZi1uckVDcUFla283RUNxQWZWeVJ1b0I2YS1HOWdIQVBJSENoQ01sZ0VZeGRPdjVnSFNDQkVJZ09HQUVCQUJHRjh5QXFvQ09nS0FRUElJRG1KcFpHUmxjaTAyTkRBM01USTBnQW9FeUFzQnNCUG1xX3dTeUJQTjJJemlBOWdUQ3RnVUFkQVZBWUFYQWJJWENBb0dDQUFTQUJnQTZCY0Ymc2lnaD1jaVdHZ19STXZnRSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURLSFlfUkhkdFNBZGxFWG4yWUJleklvMDVGLU1ERGhnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2NDg5NDY2ODQzMzcyNTA0NDc0Igk0MzE1MzA3MTEqBzQxMDU5MzE6CTQ4MzEyNTcwMcADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNfF4s0BiAUBmAUAoAW82OSe7_L6wGbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW5w0_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG5EzaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwsxOTg5ODYxMjA0McgHANIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHocECiggCEACVCAAAgD-YCAE.&s=0ae9c99ab3ad733f8189db71c5be3ec8eb333753&type=pv&jm=1003&px=325&py=487&bw=160&bh=600&sf=1&sid=3488233201378752803&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587520&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 15:27:30 GMT
AN-X-Request-Uuid
932a1d1c-bb71-4442-b6a4-8cc4f1f09016
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E9E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9570223786129&version=m202301230201&ct=119&x=10&cor=6648248110078899000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1682522850970&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1514&pt=823661390&tz=0&viewable=true&ddast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vA!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
019162622d7d1056dd54e47d9caad7fb0b5087ca580d1f68450992290b631b02

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 26 Apr 2023 15:27:31 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1479
x-cache
MISS
x-served-by
cache-fra-eddf8230022-FRA
pragma
no-cache
server
nginx
x-timer
S1682522851.975873,VS0,VE800
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1682522854003&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1514&pt=823661390&tz=0&viewable=true&ddast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vA!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
db64c3d6b5fe654a4085c58fb1fa68f3550663dcaced7952bec607bf02d37d53

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:34 GMT
content-encoding
gzip
server
nginx
machineid
1489
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1682522856971&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1514&pt=823661390&tz=0&viewable=true&ddast=V8M1cCLAb8a5fxEGy1UhL41y7jIdhqpSwAAABgYID-AEnObKPlbuRxy0wOl1s0ci7XCtdmt1Z5XJvNcDaaWVYjIyDJmW203I08bpnJ4XKLRs7lWuHa7NYqj2uzGc5GM8tqZAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxSHCLA-71-a6nA4Kt0HtcNr9AQAAAAAEAAAAAAmAAcPvEgAUXZMn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJZG9RM1EU2pECmKLMAIAAACQDXQ5cGSSTlCxqPL__99vBeAKAEDAoW8LTU0W3UGJtzAAAAAAYxboYfH7zQ67xu92mf________9_M_9n_tEIIRV-pAlSwJVS8wsIALDmFxAAgM24AQB4EwAn6BC0YjBYnQQabDaTxWw1nB0AAACAO_____96QMTkWyx2m5llsBwORzbfxjGymHYT03I3W402M4f3OEY9FPaeVi71CRGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEZoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBBMj48aw8izXKstwtxYNF5u1xDYZrEWGhWvjMrlWI8NuLXp9TBfTZGNcrbxIMABlL5KnRTrRuDau0cRkHHkmw-VoMVyZHAvDcmIarjY2k8M2m4glmpNFOpFd9hWTb7HYbWaWwXI4HNl8G8fIYtpNTMvdbDXazBz-xsi4Maw8y7XKMtytRcPFZi2xTQZrkWHh2rhMrtXIsFuLXh_TxTTZGFcrf2M2nKwmk-Fotm_MhpPVZDIczfYdJtMz9TkbxbWcxCNU3aZDkbfmMChcBov3JzEtpt3ZQXTyHZ0yh0dZ0Bn9fr_f7_f7_X6_36D1HMwGhe87tA7HkevHmV18D2KDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xGDLHZz2WiuWC3mmlUCAAAAAAAAALAE00w3AQAAAHAykM1isVmt00FsNqPZbrVcABDx87oAAAAAAAAAAHahF4WNW-ml2hVr7LGJOpsuD8_rcnOrzqbLw_O63KwMACKendlmnxHEWq2WNQAAAAFsAAAAAdx0400AWRT3____Pw4AAICMHHoAAAD0-4CswEavFXri-BXEYLWc7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vA!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
68555314cf5cef418f3cb5228b65bfa0082f770eeedefbeefb8e4398cdf04cd2

Request headers

Referer
https://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:37 GMT
content-encoding
gzip
server
nginx
machineid
1419
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ultrasurfing.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
img
pixel.mathtag.com/comp/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:37 GMT
Server
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Wed, 26 Apr 2023 15:27:36 GMT
img
pixel.mathtag.com/comp/ Frame A012 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:37 GMT
Server
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Wed, 26 Apr 2023 15:27:36 GMT
img
pixel.mathtag.com/misc/ Frame A012 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=497146&check=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&mop_top=&final&timings=0:394|0:432|&errors=10000:447|
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 830 785530e master cdg-pixel-x26 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e3ee6449-42df-4400-8cd6-4a0550c7e0a3&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1517244135435&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 15:27:37 GMT
Server
MT3 830 785530e master cdg-pixel-x26 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 26 Apr 2023 15:27:36 GMT
dc_oe=ChMI4raqhe7H_gIVEMd3Ch2kSg7UEAAYACDtisZaQhMIs4_IhO7H_gIVX0KkBB2rrQlO;met=1;&timestamp=1682522859511;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6E9E 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4raqhe7H_gIVEMd3Ch2kSg7UEAAYACDtisZaQhMIs4_IhO7H_gIVX0KkBB2rrQlO;met=1;&timestamp=1682522859511;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 15:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2037571623&i6=2001:ac8:20:3b00:1011:84fb:4a99:6a9d&r=https%3A%2F%2Fultrasurfing.com%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

539 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless object| __cfQR function| gtag object| dataLayer object| _taboola string| bs_id_1716 boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data object| aawChunk object| aaw object| _pbjsGlobals object| googletag function| onYouTubeIframeAPIReady object| apstag function| docReady object| mnet object| liQ_instances object| gaGlobal object| TRC object| _tblConsole undefined| msg object| _comscore boolean| apstagLOADED object| apscustom object| _aps function| s_hsp function| pb_sdp number| mt_gdpr_on object| mt_gdpr_content boolean| pb_4 string| pb_9 number| mt_ext_stat number| mt_ext_stat_send boolean| mt_bid_cache boolean| mt_cmp_on number| mt_cmp_opt_lvl number| mt_dbstat_on number| mt_dbstat_cmp_only boolean| pb_l_result_found number| pb_8 number| pb_gv object| mt_temp_params number| mt_global_build_time object| mt_special_params object| mt_stopped_tags object| mt_google_slot_statuses object| pb_cl function| mt_get_container number| mt_start_loading_time function| pb_lg function| mt_add_temp_param function| pb_th function| mt_add_hb_history function| mt_add_google_history function| pb_ib function| mt_search_divs function| mt_search_div function| pb_f function| pb_f_sub function| pb_i function| mt_gtt function| mt_get_tag_by_id function| mt_get_tag_by_block function| mt_get_el_desc function| pb_l function| pb_sc function| pb_cp function| mt_get_geo function| mt_check_image function| intFromBytes function| bin2String function| pb_cb function| check_double_time_diap function| check_time_diap function| pb_rds function| pb_rdn function| pb_rde function| pb_ggr function| pb_ci function| pb_cg function| pb_cc function| slsc function| clsc function| glsc function| pb_glv function| pb_clo function| mt_check_block_mask_id function| mt_check_block_pattern function| mt_check_mask_pattern function| mt_undnone_elements function| pb_pi function| pb_v function| pb_xr function| mt_set_tag_leveling function| mt_get_day_of_week function| mt_put_wrapper function| mt_custom_replace function| mt_check_have_childs function| mt_use_teplate function| und function| mt_rp function| clear_id function| mt_check_ip function| mt_throttle_check function| lrm function| lgf function| chr function| adh function| mt_filter_script_repeat function| mt_filter_custom_triggers function| mt_filter_stop function| mt_filter_sizes function| mt_filter_iterations function| mt_filter_cmp function| mt_mlt_filter_template function| mt_mlt_filter_auto_placement function| mt_mlt_filter_multi_blocks function| pb_fsbl function| mt_bl_ex function| mt_ch_mltb number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| pb_h function| pb_rn function| mt_native_try_tag boolean| mt_window_focus_state function| pb_srl function| pb_a function| pb_pt function| mt_dt function| pb_s function| pb_spt function| mt_execute_passback function| pb_p function| disp function| pb_e number| mt_google_collector_activate_attempt function| mt_init_google_history function| s_g1 function| mt_receive_google_event function| mt_process_google_event function| mt_set_google_size function| s_g2 function| mt_check_google_ready function| mt_google_detect_activity function| mt_get_google_slot_by_id function| mt_clear_google_id function| mt_get_google_iframe_ad function| pb_st function| pb_ss function| pb_se object| cmp_list object| pb_lg_buffer function| mt_get_cookie function| mt_register_cmp_events function| check_cmp_timer boolean| mt_cmp_refresh_activated function| check_tcf_api function| mt_refresh_tags_cmp number| variable_1 object| didomiEventListeners object| mt_custom_triggers object| mt_custom_triggers_to_tags object| mt_custom_triggers_functions function| pb_pttg function| mt_process_triggers_array function| mt_process_triggers function| mt_process_trigger function| mt_process_filter function| mt_get_var_sub function| mt_check_google_ad_targeting function| mt_client_stat_add function| mt_add_client_stat function| mt_clear_client_stat function| mt_send_client_stat function| mt_client_stat_show function| mt_add_google_event_stat_click object| mt_client_click_iframe_stat_object function| mt_client_add_click_event function| mt_client_analyze function| mt_tag_have_deamon_leveling function| mt_client_deamon_leveling boolean| mt_blur_event_added function| mt_hbstat_process function| pb_so function| mt_add_dnone_stat function| mt_send_googletag_stat function| get_recursive_object function| mt_check_double_impression function| mt_send_double_impression_stat function| mt_start_double_impression_timer function| mt_add_google_send_stat_temp function| mt_add_google_send_stat function| mt_send_google_statistick function| mt_stat_get_connection_type function| mt_stat_get_os_type function| mt_stat_get_device_type function| mt_stat_get_browser_type function| pb_m function| pb_d object| mt_outdata object| mt_words_dict object| tag_templates function| mt_statistick_tick function| mt_add_ticker_statistick function| mt_send_ticker_statistick function| mt_set_timing function| mt_have_timing function| mt_round_timing boolean| p object| pb_t object| _qevents number| year object| _exaudiadapex boolean| pcommonID object| _gcio number| pb_5 object| lotame_sync_16576 function| ha object| ggeac boolean| google_plmetrics object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| COMSCORE object| ns_p function| GCIO function| quantserve function| __qc object| ezt object| _qoptions boolean| element_in_viewport object| pb_10 object| $jscomp object| _neodataTags function| _neoJsPiggybackHandler function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_Q object| sync16576_ua object| sync16576_va function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_ma function| sync16576_R function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_S function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_T function| sync16576_U function| sync16576_wa function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_xa function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Aa function| sync16576_ya function| sync16576_2 function| sync16576_za function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_6 function| sync16576_Ca function| sync16576_Da function| sync16576_Ba function| sync16576_8 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ea function| sync16576_9 function| sync16576_7 function| sync16576_Ha function| sync16576_Ia function| sync16576_Ja function| sync16576_Ka function| sync16576_$ function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa undefined| google_measure_js_timing object| mt_google_history boolean| mt_google_collector_activated object| hadron boolean| __halo_loaded__ function| setImmediate function| clearImmediate object| ID5 object| PublisherCommonId object| au object| googleToken object| googleIMState function| processGoogleToken object| mt_throttle_timers number| google_unique_id object| mt_google_stack string| nam object| placementData object| GoogleGcLKhOms object| cmTag function| MtBts function| metric object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_Q object| sync16589_ua object| sync16589_va function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_ma function| sync16589_R function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_S function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_T function| sync16589_U function| sync16589_wa function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_xa function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Aa function| sync16589_ya function| sync16589_2 function| sync16589_za function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_6 function| sync16589_Ca function| sync16589_Da function| sync16589_Ba function| sync16589_8 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ea function| sync16589_9 function| sync16589_7 function| sync16589_Ha function| sync16589_Ia function| sync16589_Ja function| sync16589_Ka function| sync16589_$ function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa object| lotame_sync_16589 object| googDdmPs object| img object| _cm_wfCounters string| lastWfUrl number| lnt_z function| webpackHotUpdate function| startCMTagMain string| category number| pb_0 number| mt_time_old function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer number| mt_time_new object| google_image_requests object| mt_pb_history boolean| white

46 Cookies

Domain/Path Name / Value
ultrasurfing.com/ Name: _uc_referrer
Value: direct
ultrasurfing.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ultrasurfing.com/ Name: _ga_Y4YW22RJ0K
Value: GS1.1.1682522845.1.0.1682522845.60.0.0
.ultrasurfing.com/ Name: _ga
Value: GA1.1.642455925.1682522846
.prebid.a-mo.net/ Name: __amc
Value: 1_1682522846_1682522846
.lijit.com/ Name: ljt_reader
Value: Gi7_pBZHiivjwkn7SZyNME6w
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEw3oWlogY4AUABSAEQ3oWlogYYAA..
.rubiconproject.com/ Name: khaos
Value: LGXUNSTF-K-IE5Y
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qozP1+frDtgq0Hau3iET1N0BmQvWiFCZkLw07SfgJDFJ9mXUW/I4t74TI8Z7nfGi1ikOYjAkmURkSYbB5SW5XQ3B4Djz+PKaDGma+WVcS1g3g==
.adnxs.com/ Name: uuid2
Value: 4879352085120318172
.quantserve.com/ Name: mc
Value: 644942de-4f359-4770c-9be1b
.ultrasurfing.com/ Name: __qca
Value: P0-1563989890-1682522846094
p2.gcprivacy.com/ Name: gcid
Value: 2bfe14c6-99bd-4fc0-ab9a-2c83f7882c2b
ultrasurfing.com/ Name: gcid_first
Value: 2bfe14c6-99bd-4fc0-ab9a-2c83f7882c2b
ultrasurfing.com/ Name: _lr_retry_request
Value: true
ultrasurfing.com/ Name: _lr_env_src_ats
Value: false
ultrasurfing.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1d8c0e39-e287-4813-b620-d0a5ced55d07-tuctb42c85e
.liadm.com/ Name: lidid
Value: db860437-e8ae-4ef0-a003-5743571fcd4f
ultrasurfing.com/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%22qbj9vxTMTp482Nrpu6p2WoS-Yzr6HMezC7wAlQ%22%7D
.mathtag.com/ Name: uuid
Value: e3ee6449-42df-4400-8cd6-4a0550c7e0a3
.ultrasurfing.com/ Name: __gads
Value: ID=3de5e7c8fe948091:T=1682522846:S=ALNI_MaH5ZESIpsW_PZZmQF8RJ2Q11CGWA
.ultrasurfing.com/ Name: __gpi
Value: UID=00000c0abb58dec8:T=1682522846:RT=1682522846:S=ALNI_MbBraxznIEeylNDwkgH-Na3QMMN1w
.doubleclick.net/ Name: IDE
Value: AHWqTUlI0fL6cyQkpzps55OUne180nThYfTy1WNk3LANEHiFMUnD1Db-zGNBhmtFeCM
.neodatagroup.com/ Name: cProfile
Value: AQMPfFpxkgWpAAAAAAAEAAABh9LGqMkAB2RlZmF1bHQ=
.neodatagroup.com/ Name: cP
Value: ARIDD3xacPQFkgAAAAABq+M/
.neodatagroup.com/ Name: cOptout
Value: 0|yocToken:B_EOnH1MItLPmS474lv2LMeylAU
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.criteo.com/ Name: uid
Value: c9db47aa-cf1e-4ac1-89df-037ed4b5b1c7
.mathtag.com/ Name: mt_mop
Value:
ads.smartstream.tv/ Name: DID
Value: b0d69bff3891bba1170b0838d6878eb0
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.sxp.smartclip.net/ Name: uuid
Value: b25250b9-df42-4964-69c5-703ddde9dc85
.openx.net/ Name: i
Value: 38acb1da-573a-4375-b36f-a5a836a0adbc|1682522847
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESEA2ObNBwVV6Vred8Msg93jc
.sxp.smartclip.net/ Name: psyn
Value: 19473.10
cm.adsafety.net/ Name: UID
Value: CM120230426159b5c52a9c5c233bb0be
.adsafety.net/ Name: cm_uid
Value: CM120230426159b5c52a9c5c233bb0be
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvbXNzc1J6WkEzak5rbXVTMXFnVzlEMVpuaXB5MWVrWUZ6UnE5dWxsN05hVEc1U3Y3dUJ3aHAyeHJ6ZE5NaGxuR3RRQndnV3lPd3BnSG9VeDlCdUhqYkZMMUdMMWpRL2JHN1pFNVhGQXdEWVNCR1cvcTBqbjUvaFRxNGRHS08wMnBBaVZOZDRudGJpbVViRnp5N2RoRUNjVk9WUFJ0MzRKYTFQbDYzWmpSVnlTclNKV3VmbnYwUnBPMmZvWHJKYnNjNGdlSjhIR1VpV1NWWmphZG9IeXJSVkt2bHdCS1JSLzB4VVI0ajAxMjlVRGtUZjhFRG85dnhQMHBES1BSNU51SVpYS2NoYkRzVWJLaFA0ZEF2eXdNVE1BZEtsVlB4SFl6M2Q2b2ZVR01JU2tPWVhuS093d1oyL1BqeDR2UmJlRll3PT0%3D
.bing.com/ Name: MUID
Value: 299E93A6823868A508E781598353697A
.ultrasurfing.com/ Name: cto_bundle
Value: T73dPF80SEF6UmdISUs2SzBJVG1iJTJGOU5BMnVGN21aQ2ZlOEJPa3UlMkJwNnNrVTJvZlljNSUyQkdYemNwSTM3ZkhoOUlTWGF6d1QxemFXYzlCVWlCZ2pCV0FhOXZoODIzcm43amQzeE9DVlE4R1A1Zm0zNWhnTWV3TDc1cktKQ0s4TmJwRkpvZE8lMkJDaFVQa3c2c01SUHdZSmtEU2dnSlphbVFzU0ZkR0M4M2olMkJFN243RHZJJTNE
.neodatagroup.com/ Name: tr
Value: loCAwIKjQVBOzmRKlF+pTUVESUFNQVRIzmRKlGCAgtoANDMwZjdjNWE3MGY0MDU5Ml9lM2VlNjQ0OS00MmRmLTQ0MDAtOGNkNi00YTA1NTBjN2UwYTPOZElC4NoAIzMwZjdjNWE3MGY0MDU5Ml80ODc5MzUyMDg1MTIwMzE4MTcyzmRJQt8=
.yahoo.com/ Name: A3
Value: d=AQABBN9CSWQCEBPlNx8gUgP6qF13Ipcq_wUFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAvVD5p7q7peoHQ5w6hoI_Wc
.linkedin.com/ Name: bcookie
Value: "v=2&0456e268-a6b0-4763-8c8c-9f499d5e7c22"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODI1MjI4NDk7MjswMjF8sVl6bTx188hSF+fcEFsBXERL1LfiH9Qbkmq9wVKCmQ==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2758:u=1:x=1:i=1682522849:t=1682609249:v=2:sig=AQH1bxQJE31helaGpf-OG5kUW6y0A66h"

7 Console Messages

Source Level URL
Text
javascript error URL: https://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2037571623&i6=2001:ac8:20:3b00:1011:84fb:4a99:6a9d&r=https%3A%2F%2Fultrasurfing.com%2F' from origin 'https://ultrasurfing.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2037571623&i6=2001:ac8:20:3b00:1011:84fb:4a99:6a9d&r=https%3A%2F%2Fultrasurfing.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pr-bh.ybp.yahoo.com/sync/taboola/%USER_ID%?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.sxp.smartclip.net
ade.googlesyndication.com
ads.smartstream.tv
ads.yieldmo.com
adsdk.microsoft.com
adsdkprod.azureedge.net
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
b28d2d01d72fba52bf4c689c025db451.safeframe.googlesyndication.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.neodatagroup.com
cat2.hbwrapper.com
cdn.adnxs.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cds.taboola.com
cloudflare.com
cm.adsafety.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fra1-ib.adnxs.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imprammp.taboola.com
increaserev.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
region1.analytics.google.com
rt.marphezis.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tempnextstat.bcovery.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tra.neodatagroup.com
tracker.neodatagroup.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bing.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youronlinechoices.com
x.bidswitch.net
api.rlcdn.com
fid.agkn.com
104.102.35.84
104.18.24.185
108.138.1.25
13.32.99.105
141.226.228.48
141.226.230.50
142.250.185.98
142.250.186.162
142.250.186.38
142.250.186.98
147.75.84.158
151.101.1.44
162.19.138.83
178.128.135.204
178.250.1.11
18.157.204.212
18.198.123.21
18.210.239.202
18.66.122.63
185.239.173.66
193.135.9.124
2.19.228.175
20.101.38.191
2001:4860:4802:34::36
212.82.100.182
213.19.147.42
216.52.2.91
217.79.178.236
23.215.22.18
23.37.42.132
2600:1901:0:8344::
2600:9000:224a:6000:6:44e3:f8c0:93a1
2600:9000:2261:f200:a:e047:752:b361
2602:803:c003:200::21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:17e
2606:4700::6810:5814
2606:4700::6810:85e5
2606:4700:e0::ac40:6103
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:4f:1::45
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:22::1726:62d3
2a05:d018:d29:3602:66be:b78c:9970:b3c5
3.224.8.5
3.75.62.37
3.76.101.133
34.102.146.192
34.107.148.139
34.117.132.248
34.120.135.53
34.249.220.178
34.96.70.87
34.98.64.218
35.186.194.101
35.190.39.111
37.252.171.52
37.252.171.85
37.252.172.123
40.85.112.191
50.17.141.61
51.75.86.98
52.222.247.205
52.223.40.198
52.46.130.91
54.154.3.66
65.9.66.97
67.220.228.202
68.183.18.251
69.173.144.138
69.173.144.139
8.43.72.98
88.221.168.207
99.80.176.143
019162622d7d1056dd54e47d9caad7fb0b5087ca580d1f68450992290b631b02
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
0390a205adde41148772c08262a87b8b173f4d1df61e9ce323b89069827643c2
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04b98cc04aa55c6e947d489b64addfee0bef309aa546824b1c9c75e1ec2bd0f4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058aee0d433f6f58a2ad55cc56e4af02de92f496136ec43e149e7cc3da46ad4d
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bc438a81432f207bd95969cb0c301ffe06acee4c9c8873bfb8ac1e6508b8cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c76f4a9d4dd6b74fb4030a555789ffc7e6b57c9c131b281702a95d5dbbe48ee
0cb8933d9081293c7b1f6d16e831572b659dbe1b36979215387014e89fa099eb
0cbde1c6e98dab93b116c69b69ccdc668cd51ab5a07ca9ce270b10612014fef5
0e891bcae779b03f19df737dc234750481d3f4eaf29de50135f760b5b5f9ac27
11a4a52c8b60154236feb7a6a746d274bbbe19bacfe68ff46dc973728778d4b2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12c9ac55dbbb5a001ce96ef809fa7d647a07235dbbbbc72aac8a5adf7da7d63f
12ecc52fd6663a3a493262010b9d602b8e569698181883f3263558428b2b2e85
13dedcd4ce3549c07e1e14ce874c0105d8d335ccf5abd552b0cbb0f65d9e8dd1
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
14e1bc83600a94c60d4b4aa7f807e6bf1fc9f1bc7cc55e7b06e49d1debf85ff0
16e7c8eaa15beb0a7ec9da0edf88dd933faa6326f2d3e4deb7cde6b5540e5836
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194f63583d587ab293fe62247438e076750a9b2dc4e2e31581ef0ff4adcbb2f2
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1f33e47e8523f2f1f5c4b387e85eb76cfe4ab8a49d0860c7eaddc85ab38898df
203316af71b5e6266f6b921ce23ebf03baa8bcb293645da6b9c78718d6c6def7
228935d212c1f330fe0795c096da16ddb1da86d049fc8b9106362f3ce436836e
22f0a1deaad55d20892f403df7572309e177e5a65eaad2fca1e811f3876d51b5
24ffbb0f8d6b247d929cbeec75000703a3a04695323cec5c2ddbfad6fcf6cb5e
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
27269163d9924bcc1dfaaa4978d36bfcf6c07ef09d09ac020f7001186d4cdce8
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937
2a3983846d126d33a7bf4c1253e349d31bedde82335e4ba0bcdc4df9889bf58c
2d5852a50c137b7591dbdbf7f68d815ca95611ba16bcd2e9bb528a606835db7a
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
337645bd51778fdb8a0b67f632c48007ade2265186915085e3cb4dd1d645b9cd
3585215ed1585561f0fb04e9b8a7b4df5a10a5f00cf534ed54ab1260e4ff397a
366880a2cd2848131cb136b871d81abbb5496b2c972bfde6f6c3179735235e82
37e8d7628f918af28715ed00e4af2f20473b925edca385179d7294d3d6e512c2
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb1dcd0e74495f84822ba68bc239aa63c0fcf043c4f050988fa66e8e8ce9e1c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400e6a2388f7dedb5855ad3af8ac11c890a7385f207ec80cde797067d7b560f5
412930d5c0e70458a49866b0d7621325c81aa80e8674d25520c656f908268ff7
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
440186869a970b061b2e8fdfeaebafbf74de87ab49beed47cc37ee8bd973e781
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4a4d966d833320a09fa26eaa74e0cac48b0521887dfa620e641460e211947c7e
4a7deb941ed6f277e58037600eec4ed6dbc40d122f49a327d44f618396476e0f
4cc14b12b08d00c999abce01632fce666bfe8c884b9b1eed31464a69b72d847a
4da6662a5ef0005329ee61bd2c3d36000bfa5e0a40865790aafdda94a3a48564
4dcf7bf96bafab40e9e703839a4ddd4774fa034484c44cff3ce86784ac8014fb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529adb1534eb382ac40ad2f5d22aeff9c8470095a668b344f5c71e8696c412f7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552041e48635f37e185eb603ac572b8b4e9978e95a4aefebf5115fd0ac2cb14a
554f7c3996f6a32b41a1231672d2725dd5ca2ebde7b191caa4c59ec8eb1a440a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d
594296230a5956cd55925715cd30d4c735c4cec300bf847c25542e42066a15cb
5a40db77b7ee185ea8aa8764eaca37df8760e2f17864b2e34b083580594c3b23
5c2fe7ec10f1c647f3a8b311871e442222035e4ecb95b9a5cc3a557af93768bc
5d3b8b373035174d6b983146e654d9a55a5607568032335bf109eb0db2344c71
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621c250c36bd0082a54d3a22cf4a63df58a400f0cfa95db822fc3f69a137c4f1
625b9b9cdd68df14735c330ffe2c474045bb3f778b09909a691fe47e9408e0f2
6276b58eeacc0f6c5c05d4d113c6e0ab0cc6004cf6a0df18df2d0396f1819b16
6612a6c310f563ab7c444bdd6d932f6411d2c6891629e97ec3dab9dc601914c5
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67be8949ea1e2eb3d6be5236e65700699724076121e6acbff4a3283740688115
67d1eff4187776692400cf818ac90e2eb32115720d8a6cf2fdd1a355802d4fe9
68555314cf5cef418f3cb5228b65bfa0082f770eeedefbeefb8e4398cdf04cd2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3e706df43bf901eabf8db82db70740c2fe4ad822be22704fc843d4da1c168d
6fb10501a0236160e8d4d00f4e55ff1f6101e4f5eac1b06fe91a313b120bfada
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78234fc21525cd9c36dcfa91e415e49c89e76cb5589c1365cae8adfd0eeb1fe5
7843548832366940bed0c48b1c39df67280f78aee7c0ddc815751a8bec202f48
78b5554ffee8199f335a221aa1db632e2056c8459c21cebc9b05ed8a7474ae89
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
79dfcd4f1764fa61ae0e294c5bd8948af8190f679a04ad933ef0e8bacda83a9b
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
83b8624fb455f1bc5eda860dbb548afd6787745c2b61cc302c267be143019538
83e99b0afe85b3257ed842f2a5926d98b55bdca378e9951a955f1759f213efec
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
857ae8ee4da7314c4bb3ebf9879ac5381ee43689fa1c58ceaf54b247bf37ef28
85ba0f0b13c1c263b7aca44a4e86daca19239f4b2304d878e938e6f6dacc8b0f
871aaf59f93f50472669f834cb35fe989e6fdba2af2100421fc7eb41662faca1
8b7d4053f086fded20ae136d33ba39e202e50c0aa31ec8be2d26ab09bbed3a37
8c124e366c0dc7e592611ed32e0d9428fec59c6b68f9ee4663deb704d07ef3a8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d92c17d733818e73cce21022fcca2a0b57445f8d528107c9a301b2ef7a12353
8e28f3095ab6a6d38a22dd1d9beb0bfab87586ecfb247852cd7ecaeeba26855f
8ee0e1a8b8cc7207cec63ddd79fd7d5d4495fc013cba0c86c341d98d99e35177
9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03
9a8131ee16ef4cdb74cfeae84b098245144fca19b0891c6be1fe8944a5857a32
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28b704336e7739937e95d7589d7eaff57aefc82a5a5f97fab031e99f9d47da6
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3c71b45ebd7b1409bdc6c7d72f808ea2a3db88e615613d9d9be64aea51336f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5a22024876fea7d745e8ed4e6ab57125c187ac5cc2daab9e04255d2707eae21
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a8157c627685ef9620478a64c85ada02d6d1771620b29c7c33856ec70381d288
a9618275c88a57213b907596bfbbbe118ca15c3df8a41881b2ce151a89f92b39
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ac620699086f9dd7de888f4c53c52d64a623ae218b2b739ae8d6373e9baf3beb
af9c1d60b31262eb0c2f18a0516743a3831e9a89c7c0691043c4e064db3cd56d
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b38620ced16aae7fefef845e09c4d3d28a82767a09c84ff0ffb8a25684fc9423
b5056a174256e4327365e990497213f4f7b514087e58ca4d36a59cdabb4d8495
b93335d3d4d516af62f2e175bd65ebf9578e5da250938a6a79137889f0c65439
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc34e253dc12a544a6f1d3a2be1e881dffa34f5a35b4a2028f84cb819ffc2753
bd739bc897e859fa14dcc28daf0839a574845b74c51552e9ec5015e276553b3d
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c446fca5516a0504b7f1b6f62bcb7b401e70477783bd121783e0bfbed9bbfc76
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
cb1a29e29a407b237cc690a296b466c5a67a8448aba71ccff1d9afee6e056927
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdba0a6dcecf9e71166cd25f1edbdaa503d5f9daaca1ee609e8516723aa21e39
ce6d6e164cf91eb1f3937698b3030d2c276f54a95dd43149a16f0d106804f943
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1663dc0e4bc933715687b61b19005d6eef20bd199c2cb866649097428f69cde
d3224a514a8b7464936f27192704f20562f8b1900a6c49b4ee91248757462e95
d53993eef40ce4e4dbfdfc79cbf4a2c6c2d28f78e3085e9f1ceef5b5eedbba6d
d552536a5a0578b138ae9773acf8151f5fd1506011d3183a11c41b1fa14ef4a9
d61cc90311624aa6eb2e0a2ec930b8dcebe7209a54973d30fdb2c65f24389be6
d65087006877dc77a1a0dbad0b8670f9366a63d5fee2db704d2045d4a70ffb63
d8cf696286a0c5b6d7342984e3207fef64061a8c6ef1ade7ee33c93d33e0369f
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d96892632d08aec3ffa5fb2154605fd8c86ddb6c27c9b442568910de1bd2d2ab
db1667a1767ab748b1fc0d11afa86c01d330e28596507e3d69a68a814f1671c0
db64c3d6b5fe654a4085c58fb1fa68f3550663dcaced7952bec607bf02d37d53
dda04ba13ec4ea2c1b960b15b6cfe3f6345035db5628327534d910437cd66c4b
dfe8df7b2ae96d2b873b642de61228f01d3744b4ce8d6c945767ed17b01ec871
dfee792e4ce75d18128e0b0ce17ee76873564b878be701e6a54f8022a0164180
e0840c1aa485354354a7ee9ccf4aa30ea639dfd6c4195f42bcba2e23d279e482
e1aef345648ef3a54550a4e2006f778f2b366464ff865bfca1f61251067e9699
e3485515d5d7e4754cf55ff54925c790e2e1ed3929c060dd284d670ac5fa5d4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ecb95d9a3c9c714f88e12c660934b37923b3ac107aa764a50b27ccb462808b2f
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa038922b937b6e718c218697cc12660061146cec46deeeeb11ef52526d2ffb
efda14f9011083c35c05e555316dd820de6d3a8b244ee5a6ae61db3ef422cb34
f04b202d12ead4c234e761959a8880533c9d444447c8f5bcf49c266856cdb449
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277
f14e22ef2cd3eacc2b32c28de58341e1ea4ce11f1e2081c47976fca72ee9f5a1
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f4cf7dd2f5981a91b36e1c2a82e3b6d0b02d72845e273ed9c99f40ac5cc215b3
f65f97a4b8df6d6298c1ce56cc871d6076f6b68b20a24393db31a5ea10a6dd58
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
fa5fa854273f3c824649ec9ff14a3f389cea08b5334699aa7b98f82770754b34
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc2d30fedcd043be05b91f896ec2963ad4774ba80fd6818438f3a3b257cc6d95
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
fcfd73cb098ba03e6658ea7a0ed7a9e48a4095a00c0f31856be695790d008a86
fd6de231a90f1f4a0ecd6d338c89e5841df7abbf9dab57a41f7ffbd0139ff949