URL: http://ultrasurfing.com/
Submission: On December 25 via api from IE — Scanned from NL

Summary

This website contacted 73 IPs in 8 countries across 48 domains to perform 255 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 298303.
This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 8.241.45.122 3356 (LEVEL3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 151.101.193.44 54113 (FASTLY)
67 151.101.1.44 54113 (FASTLY)
1 3 13.32.121.72 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
4 108.138.4.10 16509 (AMAZON-02)
1 184.30.21.51 16625 (AKAMAI-AS)
1 2a04:4e42:600... 54113 (FASTLY)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
8 141.226.228.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 52.28.203.152 16509 (AMAZON-02)
1 13.32.106.197 16509 (AMAZON-02)
1 18.66.122.36 16509 (AMAZON-02)
1 216.52.2.19 30282 (AS-INAPCD...)
1 3.67.152.39 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
1 147.75.85.234 54825 (PACKET)
1 34.249.65.187 16509 (AMAZON-02)
1 51.89.9.254 16276 (OVH)
1 185.89.210.90 29990 (ASN-APPNEX)
3 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 34.198.143.91 14618 (AMAZON-AES)
1 18.157.162.215 16509 (AMAZON-02)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 23.218.209.56 16625 (AKAMAI-AS)
2 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
3 54.234.46.36 14618 (AMAZON-AES)
1 2.19.44.144 16625 (AKAMAI-AS)
1 18.66.97.8 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.234.22.15 14618 (AMAZON-AES)
2 54.73.211.146 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 141.95.98.64 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.72.235.91 14618 (AMAZON-AES)
2 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
1 151.101.129.44 54113 (FASTLY)
3 162.19.138.82 16276 (OVH)
1 52.24.69.139 16509 (AMAZON-02)
1 151.101.65.44 54113 (FASTLY)
2 35.71.131.137 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.233.111.211 14618 (AMAZON-AES)
1 2600:1901:0:8... 15169 (GOOGLE)
2 178.250.0.157 44788 (ASN-CRITE...)
1 54.158.226.104 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.230.50 200478 (TABOOLA-AS)
255 73
Apex Domain
Subdomains
Transfer
82 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 937
trc.taboola.com — Cisco Umbrella Rank: 664
trc-events.taboola.com — Cisco Umbrella Rank: 1573
vidstat.taboola.com — Cisco Umbrella Rank: 2797
am-trc-events.taboola.com — Cisco Umbrella Rank: 16662
images.taboola.com — Cisco Umbrella Rank: 1571
imprammp.taboola.com — Cisco Umbrella Rank: 13650
am-match.taboola.com — Cisco Umbrella Rank: 13378
am-vid-events.taboola.com — Cisco Umbrella Rank: 13073
sync-t1.taboola.com — Cisco Umbrella Rank: 1183
pips.taboola.com — Cisco Umbrella Rank: 1498
cds.taboola.com — Cisco Umbrella Rank: 1559
3 MB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
81e69b07a15762b6bb0daf646650e9c0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
111 KB
16 ultrasurfing.com
ultrasurfing.com — Cisco Umbrella Rank: 298303
134 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
326 KB
12 google.com
cse.google.com — Cisco Umbrella Rank: 2978
www.google.com — Cisco Umbrella Rank: 2
clients1.google.com — Cisco Umbrella Rank: 436
adservice.google.com — Cisco Umbrella Rank: 72
172 KB
12 vidcrunch.com
cdn.vidcrunch.com — Cisco Umbrella Rank: 48593
servt.vidcrunch.com — Cisco Umbrella Rank: 56559
serv.vidcrunch.com — Cisco Umbrella Rank: 103987
3 MB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
176 KB
6 gstatic.com
fonts.gstatic.com
94 KB
6 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
489 B
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
2 KB
5 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 8862
track1.avplayer.com — Cisco Umbrella Rank: 10004
217 KB
5 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 21
imasdk.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 37
127 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
95 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 562
3 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
19 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4234
a.ad.gt — Cisco Umbrella Rank: 3631
4 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
10 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
154 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3279
365 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
529 B
2 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1838
170 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 8983
adservice.google.nl — Cisco Umbrella Rank: 13489
1 KB
2 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 84402
p2.gcprivacy.com — Cisco Umbrella Rank: 14702
9 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1377
at.teads.tv — Cisco Umbrella Rank: 4867
4 KB
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2433
427 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2050
250 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3170
11 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1200
17 KB
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5944
1 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
507 B
1 marphezis.com
brightcombid.marphezis.com — Cisco Umbrella Rank: 9709
98 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
1 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
12 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
363 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 629
225 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
170 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
163 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 871
239 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 KB
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 115
453 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 15276
260 B
1 increaserev.com
increaserev.com — Cisco Umbrella Rank: 89789
155 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
255 48
Domain Requested by
52 images.taboola.com
16 ultrasurfing.com ultrasurfing.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ultrasurfing.com
13 cdn.taboola.com ultrasurfing.com
cdn.taboola.com
8 www.google.com cse.google.com
www.google.com
tpc.googlesyndication.com
ultrasurfing.com
8 cdn.vidcrunch.com ultrasurfing.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net increaserev.com
securepubads.g.doubleclick.net
ultrasurfing.com
6 fonts.gstatic.com fonts.googleapis.com
6 c2shb.pubgw.yahoo.com increaserev.com
5 trc.taboola.com cdn.taboola.com
4 sync.search.spotxchange.com 4 redirects
4 gum.criteo.com 2 redirects
4 c.amazon-adsystem.com increaserev.com
c.amazon-adsystem.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
3 id5-sync.com cdn.id5-sync.com
increaserev.com
3 am-trc-events.taboola.com
3 track1.avplayer.com
3 servt.vidcrunch.com player.aniview.com
3 fastlane.rubiconproject.com increaserev.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
3 www.googletagmanager.com ultrasurfing.com
increaserev.com
2 mug.criteo.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
2 player.aniview.com player.avplayer.com
player.aniview.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
increaserev.com
2 id.hadron.ad.gt cdn.hadronid.net
2 player.avplayer.com cdn.vidcrunch.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cse.google.com ultrasurfing.com
www.google.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 81e69b07a15762b6bb0daf646650e9c0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 id.crwdcntrl.net increaserev.com
1 idx.liadm.com increaserev.com
1 lexicon.33across.com increaserev.com
1 serv.vidcrunch.com player.aniview.com
1 imasdk.googleapis.com player.aniview.com
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 a.ad.gt cdn.hadronid.net
1 vidstat.taboola.com cdn.taboola.com
1 www.google.nl
1 stats.g.doubleclick.net www.google-analytics.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 p2.gcprivacy.com p.gcprivacy.com
1 cdn.id5-sync.com
1 cdn.hadronid.net ultrasurfing.com
1 tags.crwdcntrl.net ultrasurfing.com
1 secure.cdn.fastclick.net ultrasurfing.com
1 at.teads.tv a.teads.tv
1 ghb.adtelligent.com increaserev.com
1 tlx.3lift.com increaserev.com
1 brightcombid.marphezis.com increaserev.com
1 prebid.media.net increaserev.com
1 ib.adnxs.com increaserev.com
1 onetag-sys.com increaserev.com
1 ads.yieldmo.com increaserev.com
1 prebid.a-mo.net increaserev.com
1 tag.1rx.io increaserev.com
1 grid.bidswitch.net increaserev.com
1 ap.lijit.com increaserev.com
1 p.gcprivacy.com increaserev.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 clients1.google.com
1 www.googleapis.com
1 trc-events.taboola.com
1 cdn.jsdelivr.net increaserev.com
1 a.teads.tv increaserev.com
1 cloudflare.com increaserev.com
1 cat.hbwrapper.com increaserev.com
1 increaserev.com ultrasurfing.com
0 api.rlcdn.com Failed increaserev.com
255 80
Subject Issuer Validity Valid
*.vidcrunch.com
Go Daddy Secure Certificate Authority - G2
2022-03-16 -
2023-03-29
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-25 -
2023-04-25
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
cat.hbwrapper.com
R3
2022-12-03 -
2023-03-03
3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3
2022-05-04 -
2023-05-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
teads.tv
R3
2022-10-27 -
2023-01-25
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.gcprivacy.com
Amazon
2022-12-03 -
2024-01-01
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.a-mo.net
R3
2022-12-04 -
2023-03-04
3 months crt.sh
*.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
marphezis.com
Amazon
2022-10-30 -
2023-11-28
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-12-03 -
2023-03-03
3 months crt.sh
outstreamedia.com
R3
2022-12-04 -
2023-03-04
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.hadronid.net
GTS CA 1P5
2022-12-14 -
2023-03-14
3 months crt.sh
*.eu-1-id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.google.nl
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-11-09
a year crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.ad.gt
Amazon
2022-05-10 -
2023-06-08
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
lexicon.33across.com
GTS CA 1D4
2022-12-21 -
2023-03-21
3 months crt.sh
*.liadm.com
Amazon
2022-09-30 -
2023-10-29
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh

This page contains 10 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: BE37521BC06FB732A6F2582283EAE78F
Requests: 188 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Frame ID: DCA5476F6AE44290C459DA5430F27D1F
Requests: 4 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&cmcv=&pix=undefined&cb=1671960799283&uv=3246&tms=1671960799283&abt=nrlc_vA!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=75c23438-0a49-4433-aa54-fb1bd2346d55&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9C6DF215636175221ADAE5CA55E22573
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C585900DF86FC13BD6987A79CDE49A1D
Requests: 4 HTTP requests in this frame

Frame: https://81e69b07a15762b6bb0daf646650e9c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B50B1885207DE2A5F270206285608F2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6814570BC8C74A26C86D4B964D1EF665
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E45F74D6B44C388849552BD44CDB5F8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: C2F1CE6741D6F0ADC84C34033F1B0BA6
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: DA6CA56968752E2817E551A4E8D3BAB4
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: E87678909864AC352E2E6BED3AF96C2F
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

ultrasurfing.com/ zoeken

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

255
Requests

85 %
HTTPS

47 %
IPv6

48
Domains

80
Subdomains

73
IPs

8
Countries

8388 kB
Transfer

13501 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Request Chain 37
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671960798162&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671960798162&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Request Chain 76
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
Request Chain 144
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2accf5a2-8437-11ed-83f5-162d46060306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
Request Chain 147
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2acd1e4b-8437-11ed-9a53-1626150c0406 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
Request Chain 183
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yi-wknx6UENvWmdrWDc1SFJXNFlWNUkwMHJGQlZYWTZWYlpDL0VXb0dZTzRrTjBQQitvTDVrREd4U1VuL2dEZ3YwQmREZE5vWHBuTVNwZmlyKzh0R3JkOElOc1dnQytMQnBJaTVla011cHlzeVZDc3dsUElNdlgzcmlYdXlwMTV2TStVWjdNQXhEY2FRL2t2dHZLUlNhOGNFcVNEVzZxQ0t3TVdzdm9TT0JwUi9LTk96dFJ2dVQ4VnQ1bFZJUVNtSFEwQjkyNitkTFd4R1VleTZST3ovOGZYaldwZ0tpYmpiSkc4YVlSRTNTNXR6bmxVdUVmWm1sLzJYaWNJeHprYmpZRHVXfA&cppv=2

255 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ultrasurfing.com/
10 KB
4 KB
Document
General
Full URL
http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130687fd3fe43fe2232ffad04bde626856ec531dbebcc02a8abef3a69646a0e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77f09306a90cbb9e-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Dec 2022 09:33:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygzCI3Y9uzoskEJ72Zl325Ua2BfDmsczq7Fh12vfAqr8sQk8wW5V8H7GDRVHmTvnenn8bEJeS9LyhVaxJlnDjbE0z%2BTWEN6pOe9EiE4vb3g2Z0KO5P6kNOv2erp2nQu79tT4iH08UEM5EPisj2rg"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reset.css
ultrasurfing.com/css/
773 B
1 KB
Stylesheet
General
Full URL
http://ultrasurfing.com/css/reset.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=1050
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
W/"5f9a61f5-41a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRLatI7HPt6Lz5C0o7FHUOALxclYVxzLnkhQ7O8nSpCxRjq2aRRpV7rgDxGQ%2B0mB6vBh1pWcWIYI6P%2F1XzVpuVICbQG%2F770oI0eIVmf3ii5UCMRtUZPZ1LVphgH37CUBO9rb00BdkXfipHaqMrLX"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
77f09308dc80bb9e-FRA
style6.css
ultrasurfing.com/css/
11 KB
4 KB
Stylesheet
General
Full URL
http://ultrasurfing.com/css/style6.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=19201
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Mon, 20 Dec 2021 04:00:21 GMT
Server
cloudflare
ETag
W/"61bfffd5-4b01"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh3dMKPbVSgwPLpN36nSD%2Bw5yUS0gZBYhjVEGXrfYLe2ofeQmDC1ii8RVd1EQGb20CR8BkOnKwnc0V6Bff%2BaVSAP7oytSCps5jVE%2FbtvOmcJ3zFtkLOxAPhgP67DwK0v5plLBgQN4xP94dPFVnyH"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
77f09308f9e39000-FRA
ff1309b3_photo0_610.jpg
ultrasurfing.com/images/
49 KB
49 KB
Image
General
Full URL
http://ultrasurfing.com/images/ff1309b3_photo0_610.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447cb2bffafd6564b1b46aac639c114c6b98eda0b6e6fe8644703744b47f037d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
192730
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
49759
Cf-Bgj
h2pri
Last-Modified
Fri, 23 Dec 2022 04:00:02 GMT
Server
cloudflare
ETag
"63a527c2-c25f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVlGvCDOU%2BzTgj9v0oGcN0R%2FoTNVzJUCVli6BN6i%2FoDxV%2BKiQ1ppLjeOXfKerzR8wz17VGv9xt%2B2GtTx98D7NTygTDuYqEAzKHtR4IqKQzQMcifqBqVy9JnA%2B3fog07vP%2BnwUc1cEeANKWM1c62n"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f093092a499188-FRA
Expires
Sat, 23 Dec 2023 04:01:07 GMT
253f6550_photo0_190.jpg
ultrasurfing.com/images/
6 KB
6 KB
Image
General
Full URL
http://ultrasurfing.com/images/253f6550_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea61672e28f3a8af73bb047a744ecc8244f517b6ec91bd95c60b587a24b966

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5759
Last-Modified
Sun, 25 Dec 2022 09:33:04 GMT
Server
cloudflare
ETag
"63a818d0-167f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omcuLEh2QlEjvM%2FQhExqwbio%2B2u1xm1Lkx6imu0QWVTAj5rwSSlHbW%2BTa%2BaDJZKEhbL4oHpoFrXnYrKQdj0LhTfXwjcvP55E6zLozPZkLBaH%2FpWfSPaqxyRpsvTA%2F1MaEzcKXCd0L7gMIUlEh0Pg"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f0930929e0bba1-FRA
Expires
Mon, 25 Dec 2023 09:33:18 GMT
4c4808ca_photo0_190.jpg
ultrasurfing.com/images/
6 KB
7 KB
Image
General
Full URL
http://ultrasurfing.com/images/4c4808ca_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234ff655a53dd4133ed246599b95785d658451cb63668c13ef8e33b6051788b0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6594
Last-Modified
Sun, 25 Dec 2022 09:33:06 GMT
Server
cloudflare
ETag
"63a818d2-19c2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G11xgTjWPzA7Mvh3SsG63JSAv8P7BiKanVtSlhP%2FuiVuf6Vcx54n4DD2hupniN9y4fmRS1QuxE9B2OvdKq%2BIlnWdkmkWnBHtZccqM4lc1h0SN8Rx%2FT6Xp99oM6Q14sCTfVblDd3lPNzi%2Foe3%2FXBZ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f093092ec49b70-FRA
Expires
Mon, 25 Dec 2023 09:33:18 GMT
ff1309b3_photo0_190.jpg
ultrasurfing.com/images/
7 KB
8 KB
Image
General
Full URL
http://ultrasurfing.com/images/ff1309b3_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc648aacc0198cdfe0ccedfcf2ce262022f4fcabd7e15d6099a820c6458884d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
192730
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7026
Cf-Bgj
h2pri
Last-Modified
Fri, 23 Dec 2022 04:00:02 GMT
Server
cloudflare
ETag
"63a527c2-1b72"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMqylvtGd7ogOSXvyrAvHgor%2FLL%2Fit0l9kkYe3zr8mn3nAYPfQayeaJWVdtwpWEToQxDzXKW2BAbbL4ianL7kbfQ6CrVYblHm2XhVScq9taaCNBPisGVU3lddZkf%2Fl2UxBYkNdLXhj%2FW8rkA7rnW"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f093093dab9b6e-FRA
Expires
Sat, 23 Dec 2023 04:01:07 GMT
6c545283_photo0_190.jpg
ultrasurfing.com/images/
9 KB
10 KB
Image
General
Full URL
http://ultrasurfing.com/images/6c545283_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
491ba77d589e51b87284bca75f92ba6828f4dd011736750d06a4739d9e0ea66f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
110747
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
9484
Cf-Bgj
h2pri
Last-Modified
Sat, 24 Dec 2022 02:45:01 GMT
Server
cloudflare
ETag
"63a667ad-250c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DB1DSDb%2F7ZBOkDEfGOFB33zdVyt33suS5JoC82Thn6r0D2%2FdOgh68%2BrE8Rgm0b7aZMs9BwJnhF8vKzqyJpNXDAp%2FX0TN7h%2BqbRtYkjxnq1oNwGor0DozpSyGclrDGkt6reR%2FedFv%2Fzb3VyDwivGn"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f093096e2a9b6e-FRA
Expires
Sun, 24 Dec 2023 02:47:31 GMT
1dacd030_photo0_190.jpg
ultrasurfing.com/images/
9 KB
9 KB
Image
General
Full URL
http://ultrasurfing.com/images/1dacd030_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03f8018a775536dc007514e6449b220ccaf1cf4da04175c827b42ab09d00ba7e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
110747
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8751
Cf-Bgj
h2pri
Last-Modified
Sat, 24 Dec 2022 02:45:01 GMT
Server
cloudflare
ETag
"63a667ad-222f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8E8YjgHWYjHzpFqAQnuxRRM4Y31DvdNXGbM7mqQN1MarzmRrVOGzWn6HIAaPjgz9jkm38WDFdRtawdOG2eK%2BrffTlyQDG0EyMegRdpgsKeCs1wQ3RQWXstL%2BBOM6OxzD%2BJL370Niq%2BhstNGmKl8"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f093098b2a9188-FRA
Expires
Sun, 24 Dec 2023 02:47:31 GMT
6cfae70a_photo0_190.jpg
ultrasurfing.com/images/
5 KB
6 KB
Image
General
Full URL
http://ultrasurfing.com/images/6cfae70a_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc78f995d9031c814a4f8c5c97548927e87d8c24ae1e18157e1ad8dcf29ee07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
11934
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5176
Cf-Bgj
h2pri
Last-Modified
Sun, 25 Dec 2022 06:12:03 GMT
Server
cloudflare
ETag
"63a7e9b3-1438"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbF7YxL5ELWpKU05PVBslquoivc8zxZxBgOoenNhT0DWc2yJyX5CzB1R%2FMiBiPWE6mMZeeGMa7GMKBhizETgoz6CC53llHWQjgl3AjMW8Wnp4aMUJvRXBH2PZokKD9CnvZu5V76KaI%2BPI6sjNGBW"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f09309aed19b6e-FRA
Expires
Mon, 25 Dec 2023 06:14:24 GMT
42ce099c_photo0_190.jpg
ultrasurfing.com/images/
6 KB
7 KB
Image
General
Full URL
http://ultrasurfing.com/images/42ce099c_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9847e45f88f9af23d7bf0d6fb97f162115b550dc98ac3e2aca7f59a00e922141

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
44866
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6339
Cf-Bgj
h2pri
Last-Modified
Sat, 24 Dec 2022 21:03:05 GMT
Server
cloudflare
ETag
"63a76909-18c3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNtKo9B1mPldOkU8I%2Fg0i1dWeL7zpDNoCfzFt7BSIxSYQnYxy98ym2eefsjGfQJ9TIulMwx7bHgZSIjYyu2CjnVrFYz7GFfbPwS9zz2Hg9OZp0fE0%2B6AdteuZpeW3TEypTIQeFIWeR6ZDoRSWZx9"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f09309bba59188-FRA
Expires
Sun, 24 Dec 2023 21:05:31 GMT
2ed19c91_photo0_190.jpg
ultrasurfing.com/images/
7 KB
7 KB
Image
General
Full URL
http://ultrasurfing.com/images/2ed19c91_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba08d703347050c604f1acfaa4d57b8cf60d5fe8efeea683ba8758d4fa6ca6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
13901
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6708
Cf-Bgj
h2pri
Last-Modified
Sun, 25 Dec 2022 05:39:04 GMT
Server
cloudflare
ETag
"63a7e1f8-1a34"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2PKAUSBTqNdQRoy1DY8963Om7yadYNXBxrMoW3wO9oWMcFS8eaZ40%2F5DLn9q4XffPwT1YTHE75Nai85YW0PkOyS%2B2vIoafZeiUuaK4iK7HlvVNzNzkVoeSb6EPqp3M2I0vaMl%2BRJ6Or0ramGkxJ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f09309df3e9b6e-FRA
Expires
Mon, 25 Dec 2023 05:41:37 GMT
rocket-loader.min.js
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 20 Dec 2022 16:36:20 GMT
Server
cloudflare
ETag
W/"63a1e484-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqCfOK3kagbCy8RSkXVxkqr5FnPZO029OXkFfrUM09hTdQ0K9J4KxjKLrpn2pCsPVbjarBOX1ttqLY%2F4yFzDnzcx4iAfm4lcaCznrUMun1j7js7gB44QSqiuKCVL7kt%2FF0aJQErnJubHNPkim4%2Fq"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
77f09309ec129188-FRA
Expires
Tue, 27 Dec 2022 09:33:17 GMT
Ultrasurfing.com_Responsive_ICF_260722.js
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/
31 KB
9 KB
Script
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/Ultrasurfing.com_Responsive_ICF_260722.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2dc805d6b646bed8143003a293b2dfe9790f7a840b90c270465db84b421012a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
x-cdn
Lumen
x-amz-request-id
3FBC4G0K7J79RZ5R
age
1011388
content-length
8923
x-amz-id-2
fJdU0+Cvzpeamb2yLB4xPXPx3d8Te6epsUkB0UtYZ65epNcI2VNTl2ad1Yd/PluOoFXel7bR9SY=
last-modified
Tue, 13 Dec 2022 16:35:04 GMT
server
AmazonS3
etag
W/"c0a01350c33929fb6c9c06449145f0b9"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
must-revalidate, max-age=0
accept-ranges
bytes
expires
Tue, 13 Dec 2022 16:37:03 GMT
cse.js
cse.google.com/
7 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=7ad2abf139d1cf804
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
383a436f40226fa571b607ac743a7e8f7f9ab3f00a11ef5839506bb63714e625
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2871
x-xss-protection
0
bfcache-opt-in
unload
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="gws"
expires
Sun, 25 Dec 2022 09:33:18 GMT
aaw.ultrasurfing.js
increaserev.com/ads/ob/tage/
550 KB
155 KB
Script
General
Full URL
https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff324febb6bc1c45209a5d5ecbdba0219af80e836a06042d6b4d782b189066d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Dec 2022 11:09:39 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym3riF2rPBKRKVuigUG25Uc9%2FYoDl0nDakV1ljwKxXilEC5SjRiCR0K0U3xrBhrc7yZjQLKzawDMpSiL%2BxARLfPZrmMQcNzhOqBdSy3xdzdftgcwbxQlb4fMma9qDcwwjucm30XxK8jd2wQ%2B%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
77f0930b8aaf924f-FRA
access-control-allow-headers
origin, x-requested-with, content-type
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105623949-1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
984f92a992f6c33a96a6dd7d6bed449a9bfeadc7fe208ed93957389b2eecfc4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43653
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 09:33:18 GMT
bg_header.png
ultrasurfing.com/img/
230 B
1 KB
Image
General
Full URL
http://ultrasurfing.com/img/bg_header.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/css/style6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1513587
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
230
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-e6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUHHoToNQ6DWa46oLLPTT9FVLJR2X8Andku7ZXNmYNcC72G6dvIWK0vI4KLqJKESxd1z8g0kxVGHje9Y%2FWWzlH1yhLla2GsupY%2BVYShMI9iG5%2FhupKaTPzPhA5wOJ5iLcr0ufJcRkXkgXLTOJ1j2"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f0930b2d929000-FRA
Expires
Thu, 07 Dec 2023 21:06:50 GMT
logo-new.png
ultrasurfing.com/img/
7 KB
8 KB
Image
General
Full URL
http://ultrasurfing.com/img/logo-new.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/css/style6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
13537513
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7316
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-1c94"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTKh0A6Q4kbNDRUMnYLqZZIX0ChfI%2Fmo4hzt20oLGU3U7xJFm%2FPkcUZAKnEhDHUyiQkFptZFVJeLv3wE9z9QkPtxNOXy5g7rIxNZl7lVAN0BGz%2Fx9flBe2N%2BOt05kGO%2BM3DDh86XBTLSkWAcewUG"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f0930b283ebb9e-FRA
Expires
Fri, 21 Jul 2023 17:08:07 GMT
bg_nav.png
ultrasurfing.com/img/
175 B
987 B
Image
General
Full URL
http://ultrasurfing.com/img/bg_nav.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/css/style6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:17 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
15762536
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
175
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-af"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iaB%2FfHFLacVOFu5yHwPOIVksr56GS4u%2Ft744DORuhfUrxMcUD1tC8dhRozwW2whhHxUSFdzEyzVwSdf184xmXCHS2zJsmnQGpCRWSXQDtSxUH3nV96yNkTh4EUlKXaUdIRmNF0bDUxXkAJUB8V6"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
77f0930b2e9d9188-FRA
Expires
Sun, 25 Jun 2023 23:04:22 GMT
loader.js
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/
343 KB
30 KB
Script
General
Full URL
http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1186fb2e987f63900be84680f222da84c659981a30fa8a6187a894e253a7d48

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
.1mE1I8jYb1klTFFL5RBEGv2GXUr9OMz
Content-Encoding
gzip
Via
1.1 varnish
Date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
HMQYNHFN7SE70PZK
Age
98
X-Cache
HIT
Connection
keep-alive
Content-Length
30244
x-amz-id-2
Dplopn2Lb9uCtAg4hxr/tVcqhJIO+tW/fpfgmeAEWycfk1zG9erqb538UOIEoS2Tw/MvJJnZyZQ=
X-Served-By
cache-ams21053-AMS
Last-Modified
Thu, 22 Dec 2022 17:58:43 GMT
Server
AmazonS3
X-Timer
S1671960798.006580,VS0,VE1
ETag
"bd5cfe20234c4225ef902fe28110d073"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
abp
70
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
X-Cache-Hits
1
gtm.js
www.googletagmanager.com/
216 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a11a5ca2354df95cc586653353f4610f3b56bde28d680998de8afb57e53aefe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71882
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 09:33:18 GMT
impl.20221222-8-RELEASE.js
cdn.taboola.com/libtrc/
699 KB
146 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a16d627fccd0fadd4f02db9de6a07c4e7ca17abcf832a0cf87b0374cbff64b2c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
4yMVFaZL485xL2HtRmbCDqbOfqm2dTe2
content-encoding
br
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
P35HBSJFPAJG92J9
age
23560
x-cache
HIT
content-length
148539
x-amz-id-2
YH3uOfRX8rpY0f0gipXLSOjh1U2F5tZv0DeC2pPJlDd7tCOfHUcS3DU7/5V8NZhgKm5YvdoY7Ds=
x-served-by
cache-ams21028-AMS
last-modified
Thu, 22 Dec 2022 11:00:37 GMT
server
AmazonS3-br
x-timer
S1671960798.070495,VS0,VE0
etag
"fd353293fc672a35b1079ac75f6fc865"
vary
Accept-Encoding
content-type
application/javascript
abp
49
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7691
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:23:19 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
76200
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
6tXMraxmoOIa8sQgCMk4XchGWxBZG1RbI4pfKK0Ix9H2AByYMampaw==
cse_element__nl.js
www.google.com/cse/static/element/c20e9fb0a344f1f9/
303 KB
101 KB
Script
General
Full URL
https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__nl.js?usqp=CAM%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eea54f2bbbc0c043777c4d7738b962b674799f5aaf4e02bcc695f24b99d38c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103701
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 16:34:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 23 Dec 2023 17:56:04 GMT
default+nl.css
www.google.com/cse/static/element/c20e9fb0a344f1f9/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+nl.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 16:34:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 23 Dec 2023 17:56:04 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 08:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 25 Dec 2022 09:44:37 GMT
/
cat.hbwrapper.com/
15 B
260 B
XHR
General
Full URL
https://cat.hbwrapper.com/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://ultrasurfing.com
Date
Sun, 25 Dec 2022 09:33:18 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/
312 B
453 B
XHR
General
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae76b9130c6edad0c8d17adb2d94606db750c5500bc6957ecbeafd4c85ac36d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
77f0930c7a962c01-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d4760a6aa7f6fdba7e29114a884ea592eb532db4e41b6dbbca912c464f45586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1431 / 223 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 25 Dec 2022 09:33:18 GMT
apstag.js
c.amazon-adsystem.com/aax2/
178 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 08:35:02 GMT
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P6
age
3497
x-amz-server-side-encryption
AES256
etag
W/"01691be6486b0003601b7299d35deebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
sN3PX1SglGYe4EncT6rDYnJyNUQGaC1zJTbVow_7yP88vvonFyDs9g==
tag.js
a.teads.tv/analytics/
11 KB
4 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
7M143009WAXN3Q25
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=
gtm.js
www.googletagmanager.com/
108 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f531669242cf6df91b8b386ce41e288b3a108858e69f5142c54ab6687bd0653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41788
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 09:33:18 GMT
apstag.js
c.amazon-adsystem.com/aax2/
178 KB
45 KB
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 08:35:02 GMT
Content-Encoding
gzip
Via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront), 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1, FRA56-P6
Age
3497
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 22 Dec 2022 18:13:56 GMT
Server
AmazonS3
ETag
W/"01691be6486b0003601b7299d35deebf"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
TAIW2V3Zh_7NFVVzUfFwwY9pfiMiKK6_3DFCXr8sR7wZ9XwuvNudyQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
297f9ba17399952c1c714755f4e3a2b00b4ca7a911cf24533c26a3039b323700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 09:33:18 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
19946
x-jsd-version
1.0.1566
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
916
x-served-by
cache-fra-eddf8230021-FRA, cache-ams21057-AMS
x-jsd-version-type
version
etag
W/"66b-Za0NOhqUsqdyNOVkqe6n6NFrtgU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
519828
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control
no-cache
content-length
0
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/
73 KB
21 KB
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=09%3A33%3A18.159&lti=deflated&data=%7B%22id%22%3A116%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1671731898636%2C%22vi%22%3A1671960798157%2C%22cv%22%3A%2220221222-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1485%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1386.90625%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A120%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1335f0ec7e6455797128454dfd4425a5d8b2a6d635113262e1760c574a22bf58

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
520
date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-ams21028-AMS
server
nginx
x-timer
S1671960798.180388,VS0,VE520
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/
0
90 B
Image
General
Full URL
https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=09%3A33%3A18.153&type=usage&msg=rtus&llvl=2&id=6051&cv=20221222-8-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12813
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671960798162&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671960798162&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671960798162&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
1l6r2J1q4CMtfdLOGHqObiEaiek_epAhqkd3jgQS7DGp18CPQChxDw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671960798162&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
xL5DgUcNuAgZ0q4kgN6uCT5qkZFjLc8PJrlryQsonIJ64ZCfUOnjVw==
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105623949-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 08:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3958
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 10:27:20 GMT
async-ads.js
cse.google.com/adsense/search/
141 KB
52 KB
Script
General
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__nl.js?usqp=CAM%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"7903281105347033007"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Expires
Sun, 25 Dec 2022 09:33:18 GMT
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+nl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+nl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 05:46:24 GMT
x-content-type-options
nosniff
age
359214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 21 Dec 2023 05:46:24 GMT
branding.png
www.google.com/cse/static/images/1x/nl/
1 KB
1 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/nl/branding.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af8677b44c8730dd4d37bd1c89183bfb326f53474f472c196a04da756e50fd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:27:05 GMT
x-content-type-options
nosniff
age
173173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1497
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 23 Dec 2023 09:27:05 GMT
generate_204
www.googleapis.com/
0
210 B
Image
General
Full URL
https://www.googleapis.com/generate_204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/
0
127 B
Image
General
Full URL
http://clients1.google.com/generate_204
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
config
c.amazon-adsystem.com/cdn/prod/
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:17 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1960
x-amz-cf-id
2qRFGX6_osqjFdaLw4lxuMOkFjfU9nPOJxaAe2phSzuwc3Iet2P_dg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
Content-Encoding
gzip
Via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
Date
Sun, 25 Dec 2022 09:33:18 GMT
X-Amz-Cf-Pop
FRA56-P6
Age
18806
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 23 Dec 2022 01:05:48 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Vary
Accept-Encoding,Origin
X-Amz-Cf-Id
EVDSpzzZbkifv5zIlYiWOWGEHZq2hm1vLN3nGkjbpiVdY7sTLKy2zw==
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://ultrasurfing.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 25 Dec 2022 09:33:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://ultrasurfing.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 25 Dec 2022 09:33:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://ultrasurfing.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 25 Dec 2022 09:33:18 GMT
server
ATS/9.1.10.25
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=JHAxET1NjldX5&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22324961b3-c666-4d5c-b1d6-a2192d1ea609%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%2216f44923-54b0-429a-9a29-fad643334ae5%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%2226e7b56e-625e-422b-9e54-0c5421e2e4bb%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.106.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-106-197.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
D0981MPBF82T0CMQ4J30
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
iFMS9z1a5vbUKinSNLmKPKxOq9ZHEICgKEUq6qbF4NogU2O2y-JF4w==
gcid_s.min.js
p.gcprivacy.com/t/
8 KB
9 KB
Script
General
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-36.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aefe48aa26d6a2b3c7ec49454413aeca8367c5dc08b90376e3160fd94edd7c81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ju27DsBMzmUwB7ANA0k6pX8N173iSRwU
date
Sat, 24 Dec 2022 15:51:44 GMT
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 15:51:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
63695
x-amz-server-side-encryption
AES256
etag
"c2aa8d3951b02566ff6378c6e436b3f4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8698
x-amz-cf-id
cG6u-oAT6Q86uvl2yTBuDfA3y_MgSWQ5htbZ59AUYy3OaU5nptJdkg==
bid
ap.lijit.com/rtb/
15 KB
8 KB
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.26.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c838b5bc6b4e64743f79af42a4dd2939f3766e6f46cbc2a5b4132a2454df85fc

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://ultrasurfing.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
hbjson
grid.bidswitch.net/
23 B
239 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.152.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-152-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
39ca6fdb79fb82bf2f5cfbab974c96e623d407abd51c32dfbc44e2cc2a220578

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
48
content-type
application/json
mvo
tag.1rx.io/rmp/252875/0/
0
163 B
XHR
General
Full URL
https://tag.1rx.io/rmp/252875/0/mvo?z=1r&hbv=7.26,2.1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
170 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 25 Dec 2022 09:33:17 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
ads.yieldmo.com/exchange/
0
225 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.26.0&p=%5B%7B%22placement_id%22%3A%22324961b3-c666-4d5c-b1d6-a2192d1ea609%22%2C%22callback_id%22%3A%2218279dc19f95d5c%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%2205135cea-323a-495f-9b20-02e5fd5dd445%22%2C%22auctionId%22%3A%2285ff2e09-7f17-40de-ab98-667ae70dd749%22%7D%2C%7B%22placement_id%22%3A%2216f44923-54b0-429a-9a29-fad643334ae5%22%2C%22callback_id%22%3A%22196f9eaffad0389%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%2263132702-e3b2-498f-a225-bf93ab5db198%22%2C%22auctionId%22%3A%2285ff2e09-7f17-40de-ab98-667ae70dd749%22%7D%2C%7B%22placement_id%22%3A%2226e7b56e-625e-422b-9e54-0c5421e2e4bb%22%2C%22callback_id%22%3A%22203e2c76ec5e792%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%226d6de8a3-2517-46e7-a669-b67b8c1ce839%22%2C%22auctionId%22%3A%2285ff2e09-7f17-40de-ab98-667ae70dd749%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F&bust=1671960798255&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=d3a892d8-5137-4a68-a4e7-c09a54fc76c2&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d3a892d8-5137-4a68-a4e7-c09a54fc76c2%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.65.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-65-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid-request
onetag-sys.com/
15 B
363 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/
20 KB
12 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e14b279f3ecd111bd0ae0a348d69c3fb730ab52c308acac7f94ce58221019654
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.48.94.41; 37.48.94.41; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8a6a5d4a-92f1-42a9-98f3-cac91740e25f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
431 B
766 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591660&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=d3a892d8-5137-4a68-a4e7-c09a54fc76c2%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.26.0&x_source.tid=05135cea-323a-495f-9b20-02e5fd5dd445&l_pb_bid_id=30da80a6b4959fa&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.7569352228508193
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84124563c358f6ef7c846b1c83cda17bea3bb9a3bfcb4a3ffb385429049d1812

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
431
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
429 B
992 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=d3a892d8-5137-4a68-a4e7-c09a54fc76c2%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.26.0&x_source.tid=63132702-e3b2-498f-a225-bf93ab5db198&l_pb_bid_id=3173caee127ba1f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.4959175541740526
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a966c71fd6d4a5c0d261c08b406f9fe336bd6408cd527ef113996b2e4162131e

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
429
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
427 B
761 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591658&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=d3a892d8-5137-4a68-a4e7-c09a54fc76c2%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.26.0&x_source.tid=6d6de8a3-2517-46e7-a669-b67b8c1ce839&l_pb_bid_id=3231891931860a5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.5717278930504757
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
92355eeb6bf78e36d2fc918e092fea0b02132c087cbbd0d3dfa57c04ab87bee3

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
427
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3263c85164d54df17eefdb7ded09df37b24e196bd3a7101a9d83383392a88829

Request headers

Referer
http://ultrasurfing.com/
x-openrtb-version
2.5
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
297 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
92b7b83b25369877730843d83bf89a95e1cdb32f83cdff1cca9a61f5760ed793

Request headers

Referer
http://ultrasurfing.com/
x-openrtb-version
2.5
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2a2046e6ec00dd17f74f7389a4a08cde9b440c314badb267b3aa2b5c47f39ece

Request headers

Referer
http://ultrasurfing.com/
x-openrtb-version
2.5
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
content-length
66
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f6bc5f06ff10ef0a606dba8512244b4894f22b89512f56842f80a36cea3be99f

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 25 Dec 2022 09:33:18 GMT
hb
brightcombid.marphezis.com/
0
98 B
XHR
General
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.143.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-143-91.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 09:33:18 GMT
access-control-allow-credentials
true
server
nginx
auction
tlx.3lift.com/header/
19 B
507 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=http%3A%2F%2Fultrasurfing.com%2F&tmax=2000
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.162.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-162-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
accept-ch
sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/
5 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
615246ae9b630df80309b5c4b7df65bf1b94c8e1522886699a72ee341e001a48

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 25 Dec 2022 09:33:19 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
842
fpc
at.teads.tv/
0
338 B
XHR
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 09:33:18 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sun, 25 Dec 2022 09:33:18 GMT
avcplayer.js
player.avplayer.com/script/8/v/
688 KB
182 KB
Script
General
Full URL
https://player.avplayer.com/script/8/v/avcplayer.js
Requested by
Host: cdn.vidcrunch.com
URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/Ultrasurfing.com_Responsive_ICF_260722.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f15 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3715c561b4f9a2d7abf673cceace1c2dcc40ade4d0203e430944f87cc737f4ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsMEDfLwnSWH5s2goBfKh4QhrX9fbeCzmmBH1fGf7nIIJvWeFWYVth0-5t4NxcRbcd-5Xo7pqSoEvkjyEuA_fvB0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
185313
last-modified
Thu, 22 Dec 2022 07:53:20 GMT
server
UploadServer
etag
"aee8dbf07eeecd471b5ddc8eaf66eec5"
vary
Accept-Encoding
x-goog-generation
1671695600245135
x-goog-hash
crc32c=jLzqCA==, md5=rujb8H7uzUcbXdyOr2buxQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
185313
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 25 Dec 2022 09:38:18 GMT
track
servt.vidcrunch.com/
0
71 B
Image
General
Full URL
https://servt.vidcrunch.com/track?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&cb=1671960798311&r=ultrasurfing.com&stagid=&stplid=&d35=&d65=&d66=8&e=playerLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.46.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-46-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/
380 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 11:21:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
464 B
200 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22f04b0177cbb9f714773bda5d775e3d75bb4b8d9f339b5d7ef99e492f8cebd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
175
x-xss-protection
0
expires
Sun, 25 Dec 2022 09:33:18 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2.19.44.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 18:14:48 GMT
Server
Apache
ETag
"d4ed-5eaee7c12df48-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17131
Expires
Sun, 25 Dec 2022 09:48:18 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
32 KB
10 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 01:43:09 GMT
content-encoding
gzip
via
1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
28210
x-amz-server-side-encryption
AES256
etag
W/"51c5af7d71728569b41d03503fff2de7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
bBf9nppux5m4zHP8PfX1CMbXs4KNAphw52h4044JpbmXqB4XQ1TSWQ==
hadron.js
cdn.hadronid.net/
55 KB
11 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FNK044PCM9Y7VVCR
age
633
x-amz-id-2
AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS4catGiYpgDuarnLpgDwccsqRGdU5iLvwtmePXX2SRf%2FDutib1mDyRigHfTYXTD4WzvK58PZrpCVa10OaXd50lZ4QJzck4EM8vjLYQFsJIyAV7rEvsqfw8T4cYVKEgNATF5TfSKn6WdEEg4Yns%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
77f0930dd91e909a-FRA
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
57 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS6079NF7R64H2CK
age
111
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77f0930deb579176-FRA
x-amz-id-2
2mxyvxkHDv8YVtTpVImJWzSJ6t9LE3MMZGFNY9vGEvXz3eTx52Vj7bVgYIduyNqIsbtyyLaxBsg=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=382491895&t=pageview&_s=1&dl=http%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=64239103&gjid=1954012098&cid=165437214.1671960798&tid=UA-105623949-1&_gid=1682759169.1671960798&_r=1&gtm=2oubu0&z=999616422
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
p2.gcprivacy.com/v2/
20 B
289 B
XHR
General
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=d3a892d8-5137-4a68-a4e7-c09a54fc76c2&s=home&u=http%3A%2F%2Fultrasurfing.com%2F&h=ultrasurfing.com&ref=
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.22.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-22-15.compute-1.amazonaws.com
Software
/
Resource Hash
9e3d48c25a5e12be89f29223d02520e6187cf2416ee441333b61d71ad4efe3fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
20
map
bcp.crwdcntrl.net/6/
60 B
335 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c5bc944b10a958825824d5e7bca19c7e5ee5ae9c4da98be5ddd31b2c2c68cb96

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.15.131
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/
47 B
121 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3686be9196ea138bcd843fd61ceffd7be5a4460959bc9cc93fc436027fa274a

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
public,max-age=30
access-control-allow-credentials
true
cf-ray
77f0930fcb656916-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
http://ultrasurfing.com
cache-control
public,max-age=30
cf-cache-status
DYNAMIC
cf-ray
77f0930e68d96916-FRA
content-encoding
gzip
content-type
application/json
date
Sun, 25 Dec 2022 09:33:18 GMT
server
cloudflare
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/
33 B
402 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3c44cf00f1c8baf650445bd016b12904c4c8443f9709d423ef0f993f679f03d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
54 B
230 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
0414f5c00da29a106c1f089f4db4597cc13077d2844bd927635332724125b1dc

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:18 GMT
content-length
54
vary
Origin
content-type
application/json
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105623949-1&cid=165437214.1671960798&jid=64239103&gjid=1954012098&_gid=1682759169.1671960798&_u=YEBAAUAAAAAAACAAI~&z=2076114455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 25 Dec 2022 09:33:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-105623949-1&cid=165437214.1671960798&jid=64239103&_u=YEBAAUAAAAAAACAAI~&z=976119403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
501 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-105623949-1&cid=165437214.1671960798&jid=64239103&_u=YEBAAUAAAAAAACAAI~&z=976119403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playlist-logo.svg
cdn.vidcrunch.com/assets/
4 KB
4 KB
Image
General
Full URL
https://cdn.vidcrunch.com/assets/playlist-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a03bc6f8a4016dbc7a0ae2347008521083839f5076118ac7789fc3cd9071458

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Sun, 01 Aug 2021 07:06:04 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
95HKPYXCTA1FBJ2T
age
253738
etag
"373cb6f70f7cfcd6a451cbe5110eb1fe"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
3684
x-amz-id-2
/w2JxQMlswI5hoOnxNAnmahIKWovcuTHk/I3n9W++5XTaznlzAKXTnD2sEEh6lst3zD5NKCIr18=
expires
Mon, 20 Feb 2023 11:04:20 GMT
31d54a4b841c0e438f13.woff
player.avplayer.com/script/8/v/assets/
34 KB
35 KB
Font
General
Full URL
https://player.avplayer.com/script/8/v/assets/31d54a4b841c0e438f13.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f15 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer
http://ultrasurfing.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsF6StJf_yhVRkMpMcy6hRSUA0Y-KgsRY2GIE9t70uxFjo3Y29bTiQgRaIcOanw9TUOqGNfcYgwIUp1LOYj-BS1H2DwJnru
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
35197
last-modified
Thu, 22 Dec 2022 07:53:20 GMT
server
UploadServer
etag
"fd832eba2d0be1c925970d72cb67f097"
vary
Accept-Encoding
x-goog-generation
1671695600857039
x-goog-hash
crc32c=Ca+Zew==, md5=/YMuui0L4ckllw1yy2fwlw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300
x-goog-stored-content-length
35197
accept-ranges
bytes
content-type
application/octet-stream
expires
Sun, 25 Dec 2022 09:38:18 GMT
ctrack
track1.avplayer.com/
0
145 B
Image
General
Full URL
http://track1.avplayer.com/ctrack?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&cb=1671960798764&e=cpll&cvid=&cpid=&str=external&vi=-1&wi=640&he=360&d66=8.2.6
Protocol
HTTP/1.1
Server
52.72.235.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-235-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
91ff65ad7ec91fd3c96f9d2362db6129_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
12 KB
12 KB
Image
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/91ff65ad7ec91fd3c96f9d2362db6129_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e407adcd1f1f76232a2feab4dd7f8cfab656a21e923ddeb41c3ed667faa725

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Wed, 28 Sep 2022 12:34:13 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
S7KJ1EXR7T29EH6W
age
1011443
etag
"a7b0f0c5073138ca26fcd70ccadcb6ae"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
12320
x-amz-id-2
gD+iOt6eCX+M/kVOnviEq7pbmosaikrw5fsn/9zqjqJVMpJ9vUqe594h0u7evTlkvzyNmLAqVhM=
expires
Sat, 11 Feb 2023 16:37:06 GMT
f7406905194bde38fc5b64b56c1f40ab_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
12 KB
12 KB
Image
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/f7406905194bde38fc5b64b56c1f40ab_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=e54b6f77d4fae66d9d530ef98a775501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3f6995da1355f918b6b6b1801d4df9aca02bdb7f3f20c088812e2ca2fc1d1cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Wed, 28 Sep 2022 12:35:00 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
B2Z7Q4HC70M673X8
age
1011441
etag
"e89ef19daf8d921c2bfbdd75bda1dbc8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
12283
x-amz-id-2
mbdXUe8of36ASbD39CW+owlQuERcKhL3YL98iqzeHYq/f6beCRKp0aOtZych/BHoU11POwdaFcA=
expires
Sat, 11 Feb 2023 16:35:57 GMT
b5a1b44dee350a81aa532e9f7a414f37_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
7 KB
8 KB
Image
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/b5a1b44dee350a81aa532e9f7a414f37_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=087dce497dec9f11d193619f3bb7691e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2bea2da9803c4ecc5861d210f88a8550399fa316e9a1d2e3e89c7319f5bbbfc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Wed, 28 Sep 2022 12:34:42 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
YGV0PEZWZPS20S90
age
1011442
etag
"22052b55f6ab3fea3cd5596c987fe302"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
7523
x-amz-id-2
2hjyl38MqW4oDoahthWm0Yc+qcp5XRllSLTr/3C2YekzBd8HF0JG9tTdoe1UAEXOYNelcYDi0LI=
expires
Sat, 11 Feb 2023 16:37:06 GMT
61c52798d7dbae4070d1789bf23e84a6_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
10 KB
11 KB
Image
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/61c52798d7dbae4070d1789bf23e84a6_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=cb471b4285e51c74118edb23f4a964b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
962e14591b1134c488280aa7935148272b1c8efbd0fc00c31146138b4b42d226

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Wed, 28 Sep 2022 12:34:12 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
B2ZDK34HK67WXKEB
age
1011441
etag
"06d05eebf6f8d5d00f725c99488ff1c8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
10557
x-amz-id-2
aEKqHqcbSqMeo4BPuELoB7OQ1Ux5yPvE1HfvAQNguG4ZKqTg75o84VNuvDS8JZn8JnY90Sb6F6o=
expires
Sat, 11 Feb 2023 16:37:06 GMT
5544b7636de84a65b2f037aa576c9669_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
22 KB
22 KB
Image
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/5544b7636de84a65b2f037aa576c9669_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=3f2dfea47ac28d3fbc595e839fb247c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f94b99e126b3c8acd070cc337dfa76d8f836bf5d0b8e9a36ebf6a182ea9fd481

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Wed, 28 Sep 2022 12:34:38 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
YGV61QFMHJ0JFBDW
age
1011442
etag
"ab087a0153020a8382789561f7ef1a39"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
22050
x-amz-id-2
Bj0X/auMr1b1wL51l3p7hUHTnCAo/RbFVMFJ0rZVy07Fyem7ojVre5Ot3TsiU9iox89YZAqqIt0=
expires
Sat, 11 Feb 2023 16:37:06 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame DCA5
427 KB
115 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduao8QGFIU-a12kA16yePr0CZ42RbGklAuX8EIbn3lSoeEgIlTZl8MiFa7FZucCiVlrJsnBuyN-kj_vN0OIDSaMGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
116981
last-modified
Tue, 13 Dec 2022 08:13:32 GMT
server
UploadServer
etag
"cd25de2ec0c4a951c47404fd1d56f1fb"
vary
Accept-Encoding
x-goog-generation
1670919212449657
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Uhd+iA==, md5=zSXeLsDEqVHEdAT9HVbx+w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
116981
accept-ranges
bytes
expires
Sun, 25 Dec 2022 09:43:18 GMT
floating-unit.20221222-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20221222-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
973a1d54e9779b69bee79ba7b52e20c3b14d9619b76f40ad1810556a9f78fbb6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
SC15UaH4FUft6njhjdUQL7K1Ren2eHTz
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
P5ZYS0A29TYSQKYX
age
9
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2473
x-amz-id-2
VgnwhUgZC3dOQAji5SqpVdpVl2jvAXa1Gz4al6ufn6XckXkI9Qz4agoCW5KyY6e4mc6U94i5g00=
x-served-by
cache-ams21028-AMS
last-modified
Thu, 22 Dec 2022 18:19:17 GMT
server
AmazonS3
x-timer
S1671960799.886867,VS0,VE0
etag
"b12bb1384b5a00aeaadffcd70593f2b6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.8/
104 KB
30 KB
Script
General
Full URL
http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:18 GMT
Via
1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
AMS1-P1
Age
329707
X-Cache
Hit from cloudfront, HIT
Connection
keep-alive
Content-Length
30422
X-Served-By
cache-ams21079-AMS
Last-Modified
Tue, 22 Nov 2022 07:02:09 GMT
Server
AmazonS3
X-Timer
S1671960799.903845,VS0,VE0
ETag
"7fcf5cdb23e918c79141cd7bbdf0b9cc"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
XGca6__DRaEmLtbZKPMUvdvUgriNQO155MbpL7xV2JB9yZHzVcK0Cg==
X-Cache-Hits
3486
feed-card-placeholder.20221222-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20221222-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
010013e3cda0ac7136cf3a6e98af9b89e194b75d9a22128e841fcf27dcabcf1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
oHnl8z.t8beD4h54fDIIjvho.omNJwut
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
P5ZK0CK0JVW7WW83
age
56
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1263
x-amz-id-2
4ssuGPfhvVGIrI5wb10lQTR7SeEWQZFROafowR89K2KJ8EYRH1MMHhAY2I3+RaxPUjft3+8CeC4=
x-served-by
cache-ams21028-AMS
last-modified
Thu, 22 Dec 2022 18:18:55 GMT
server
AmazonS3
x-timer
S1671960799.892537,VS0,VE0
etag
"1f160048025305fea73c707bf876b3cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
38
cta-component.20221222-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
19 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/cta-component.20221222-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bad2ad9152d0075fdc6390891f46df78da9e4d681d557f80554190fb3b119ca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JGgdesoATzUhm1NudEfd2hRBZSyuVXPE
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
P5ZJ7MR67ACA0YPZ
age
58
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5107
x-amz-id-2
GU0Vqv6xLvj43KSRRE3/cXehXBg9/Cn8F5gc9wWLw3eGZzWZ9cH9n8tRYUnNxZLiZ4aLXf36gkI=
x-served-by
cache-ams21028-AMS
last-modified
Thu, 22 Dec 2022 18:18:28 GMT
server
AmazonS3
x-timer
S1671960799.906726,VS0,VE0
etag
"ee9ca5bbbc109761b4ef9a03a01e52cf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
39
userx.20221222-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20221222-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1802cb084d215bca8bd79b67cfa918356fae39b53928110692bf9d8ef4f14663

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
3RmEZ6j3EWpE3ARzQv2aT_R0BVyzeqaz
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
P5ZVC6RCHHP6QF1V
age
32
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
ja7mI2FK1lCS8LiN2hpb4PLe8VaS/OfqQW0Aj4tPuhNWJXmmI6PXuM362gpZn47uoVGb0piRbNw=
x-served-by
cache-ams21028-AMS
last-modified
Thu, 22 Dec 2022 18:21:41 GMT
server
AmazonS3
x-timer
S1671960799.907033,VS0,VE0
etag
"f276b5f4070fd73220b8874c7a75d632"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=d460146382e9274531ac5cde88cbeb25&sd=v2_acbabf6ced3dc28374e064622415f6f7_9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e_1671960798_1671960798_CIi3jgYQ8-NDGM3HhMXUMCABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaO-GzZX1y7WSLHAA&ui=9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e&pi=/&wi=-1709852854480885386&pt=home&vi=1671960798157&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=09%3A33%3A18.880&id=8196&llvl=2&cv=20221222-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d460146382e9274531ac5cde88cbeb25&sd=v2_acbabf6ced3dc28374e064622415f6f7_9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e_1671960798_1671960798_CIi3jgYQ8-NDGM3HhMXUMCABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaO-GzZX1y7WSLHAA&ui=9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e&pi=/&wi=-1709852854480885386&pt=home&vi=1671960798157&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1671960798898%7D&tim=09%3A33%3A18.899&id=6774&llvl=2&cv=20221222-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
579.json
id5-sync.com/g/v2/
215 B
624 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
08b886a3a1524aac5442ce7e4d4fc63a8456576f821a63733671dab63a29fed9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
d6932a57bc3c672a0b73ae0d14418d3e.mp4
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
0
0

f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
HTTP/1.1
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding
gzip
Via
1.1 varnish
Date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
GE45QRX7X10F66PX
Age
68
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1758
x-amz-id-2
D4xvaSZxnBkPnsSFGBr+Alq3APMFQjUtXNkFffVhFSPC2YrB5mh7PqUYXpnZaJVDUeBiBsNN5IA=
X-Served-By
cache-ams21053-AMS
Last-Modified
Wed, 07 Feb 2018 11:15:52 GMT
Server
AmazonS3
X-Timer
S1671960799.926881,VS0,VE0
ETag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
abp
49
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Cache-Hits
25
405
a.ad.gt/api/v1/u/matches/
11 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.69.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-69-139.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
4ef140d9f344d91e0612c015b960f82f265e1f386e9669a9314362c33ae1296d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
04d483ba80417d54d345dcec21369fa4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04d483ba80417d54d345dcec21369fa4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79a23502cb612df1b56a2b503e36646e190bc35539f4c75b9a01ee080cee7fe9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04d483ba80417d54d345dcec21369fa4.jpg
age
5000573
edge-cache-tag
467380262318169000064672630207746281195,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
467380262318169000064672630207746281195,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
95
expiration
expiry-date="Sat, 29 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
7290
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200170-IAD, cache-iad-kiad7000084-IAD, cache-lax10621-LGB, cache-iad-kjyo7100136-IAD, cache-ams21028-AMS
last-modified
Wed, 28 Sep 2022 14:38:42 GMT
server
nginx
x-timer
S1671960799.952882,VS0,VE1
etag
"ffadb1273241b3dceb56090b9fba577e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 159, 1
1315903508__TlJEeOMv.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1315903508__TlJEeOMv.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efeea233903598d262225826244276057043129b5f6eb416bdae85bb95da487c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1315903508__TlJEeOMv.jpg
age
1735718
edge-cache-tag
606196300228758864834632009369700832516,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
606196300228758864834632009369700832516,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
443
req-referer
https://www.20minutos.es/
content-length
7214
x-request-id
7442e6e4ee024c89376a82b3cf762a3d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kjyo7100026-IAD, cache-lga21968-LGA, cache-iad-kiad7000060-IAD, cache-ams21028-AMS
last-modified
Fri, 02 Dec 2022 18:53:03 GMT
server
nginx
x-timer
S1671960799.952844,VS0,VE1
etag
"2b6f4980610168e83fad43b00b87fa0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
1b30c8074e5e9448852ab7731ee7f26f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b30c8074e5e9448852ab7731ee7f26f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131ca26a22406402ec0b8046325e613a3f676656f2e8c084acf47593b0e3c491

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b30c8074e5e9448852ab7731ee7f26f.jpg
age
4995010
edge-cache-tag
447000356328588880061078606649094459767,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
447000356328588880061078606649094459767,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
160
expiration
expiry-date="Thu, 10 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.businessinsider.nl/
content-length
13650
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000146-IAD, cache-iad-kcgs7200080-IAD, cache-bur-kbur8200044-BUR, cache-iad-kcgs7200154-IAD, cache-ams21028-AMS
last-modified
Mon, 10 Oct 2022 13:41:29 GMT
server
nginx
x-timer
S1671960799.952619,VS0,VE1
etag
"d166a8ebb0071e351d259d40c5a74bc5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 9, 1
e3b15ddd281a120c31e529cc438c7365.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3b15ddd281a120c31e529cc438c7365.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d856986d2afb672711a7dc587c048bd771c41ef0dd7630145c2485bdae7ae8bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3b15ddd281a120c31e529cc438c7365.jpg
age
2569083
edge-cache-tag
353199463555347155079904151609787329842,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
353199463555347155079904151609787329842,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
579
req-referer
https://www.standard.co.uk/
content-length
22342
x-request-id
ca5e10d2bacf26a03982d2ec300e3c77
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200026-IAD, cache-iad-kcgs7200049-IAD, cache-chi-kigq8000179-CHI, cache-iad-kiad7000127-IAD, cache-ams21028-AMS
last-modified
Wed, 23 Nov 2022 11:05:37 GMT
server
nginx
x-timer
S1671960799.953142,VS0,VE1
etag
"0962a73759b7700f644c85c3a5caf13b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 27, 1
2efa58af16a1a471560230d9dec4322a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2efa58af16a1a471560230d9dec4322a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e7026ead91b7e20a029ea2277b77776db07632aa458a1fad3c061c6c3878966

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2efa58af16a1a471560230d9dec4322a.jpg
age
1619783
edge-cache-tag
398862208395350983177590745003721449110,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
398862208395350983177590745003721449110,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
435
req-referer
https://www.sport.es/es/noticias/futbol-internacional/juventus-expulsada-serie-79630019
content-length
9552
x-request-id
2cd983ad5fc30a13753e2c11b9254274
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200107-IAD, cache-iad-kjyo7100049-IAD, cache-bur-kbur8200173-BUR, cache-iad-kjyo7100029-IAD, cache-ams21028-AMS
last-modified
Tue, 06 Dec 2022 09:23:12 GMT
server
nginx
x-timer
S1671960799.953259,VS0,VE1
etag
"66c1577d0b5fb093595fa398cc696f5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
70b62617a1c480281b030e03ca8f5f15.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b62617a1c480281b030e03ca8f5f15.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5b49e606e69f8c211f4ed4770cf0512bcfab983c7a27e48efa7330052ebc749

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b62617a1c480281b030e03ca8f5f15.jpg
age
1653589
edge-cache-tag
409643091845538623124799372097862416321,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
409643091845538623124799372097862416321,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
643
req-referer
https://www.sarugbymag.co.za/
content-length
32198
x-request-id
61ac62631019fb34ecbd3639f74e571a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000120-IAD, cache-iad-kiad7000068-IAD, cache-bur-kbur8200089-BUR, cache-iad-kiad7000062-IAD, cache-ams21028-AMS
last-modified
Fri, 02 Dec 2022 16:12:07 GMT
server
nginx
x-timer
S1671960799.953641,VS0,VE1
etag
"480fd1ee4f7750c99f314657de9bd870"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
d6932a57bc3c672a0b73ae0d14418d3e.mp4
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/
3 MB
3 MB
Media
General
Full URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/d6932a57bc3c672a0b73ae0d14418d3e.mp4?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4565a34b0fba23d7b5b6a6471db6b633624f13f40723acda33cc310d1f4e3515

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 25 Dec 2022 09:33:18 GMT
last-modified
Wed, 28 Sep 2022 12:34:13 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
6YRRA4TR7F1F8QMN
age
1011451
etag
"81845cc6edba2f847949ed41c65043b2"
content-type
application/octet-stream
access-control-allow-origin
*
Content-Range
bytes 0-3024558/3024559
cache-control
max-age=5184000
Content-Length
3024559
x-amz-id-2
Wg7FQkTR50n0fbWRFQXuL1F16WmPo3+hObyjdAJoJa5v0QqxOkItTbv3dmFZfxIR999tEo6mPOc=
expires
Sat, 11 Feb 2023 16:35:47 GMT
i-Stock-1357383797.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/PNfwpxy/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/PNfwpxy/i-Stock-1357383797.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c620f4e6059fbc031b6c60630aa31ba6bff37c561046fd784c8edd4d60e8d305

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/PNfwpxy/i-Stock-1357383797.jpg
age
4492474
edge-cache-tag
464504639619119679946042351348528722124,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
464504639619119679946042351348528722124,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
41
req-referer
https://www.lefigaro.fr/sports/football/ligue-1/vente-de-l-ol-a-john-textor-tout-comprendre-sur-l-operation-20221209
content-length
7390
x-request-id
886e1f5157446f99661c73f4350dcf5c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100101-IAD, cache-iad-kiad7000054-IAD, cache-bur-kbur8200150-BUR, cache-iad-kjyo7100033-IAD, cache-ams21028-AMS
last-modified
Thu, 03 Nov 2022 07:03:48 GMT
server
nginx
x-timer
S1671960799.972402,VS0,VE1
etag
"15cc6af9bccf8e9a1a5beccfd208cf4e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 2, 1
dda46d0d8e6362cea928737d53469aee.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dda46d0d8e6362cea928737d53469aee.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcee1877688667365b8310d90db9779ec29c05827a8add6364de0d09afa94fec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dda46d0d8e6362cea928737d53469aee.jpeg
age
3031231
edge-cache-tag
584598980370965678171468224623832378951,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
584598980370965678171468224623832378951,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
90
expiration
expiry-date="Sat, 17 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://article.auone.jp/
content-length
25294
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kcgs7200101-IAD, cache-chi-klot8100071-CHI, cache-iad-kcgs7200173-IAD, cache-ams21028-AMS
last-modified
Wed, 16 Nov 2022 17:44:18 GMT
server
nginx
x-timer
S1671960799.972377,VS0,VE1
etag
"4edfdfe5352b5d8c49cb13b5c67b8811"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 42, 1
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/
31 KB
9 KB
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=09%3A33%3A18.956&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A659%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_acbabf6ced3dc28374e064622415f6f7_9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e_1671960798_1671960798_CIi3jgYQ8-NDGM3HhMXUMCABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaO-GzZX1y7WSLHAA%22%2C%22ui%22%3A%229c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e%22%2C%22uifp%22%3A%229c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e%22%2C%22lbt%22%3A1671731898636%2C%22vi%22%3A1671960798157%2C%22cv%22%3A%2220221222-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3236%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1847.90625%2C%22mw%22%3A610%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10594721%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
909c41989706f9851fd91ace23784f43a5bd70aa9c825dc521225765b98ac582

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
390
date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-ams21028-AMS
server
nginx
x-timer
S1671960799.963289,VS0,VE390
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
next-up-widget.20221222-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
16 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20221222-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ab9007f62011309c435bb40f8a755f9a8af090333705eefc3583a366f5baf5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JZ7lRdBsGBRsDMrArHvCzSSnugpdFoBd
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:18 GMT
x-amz-request-id
6NQS8SV4BMNZTRZH
age
89
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4623
x-amz-id-2
8QezwSEAl8206Z4QKEs9RXvX6P16FeBVQG8pbz4fmYnvtdygh6usRO2CWNI1yxMCREmyoImlKsY=
x-served-by
cache-ams21028-AMS
last-modified
Thu, 22 Dec 2022 18:19:32 GMT
server
AmazonS3
x-timer
S1671960799.981577,VS0,VE0
etag
"a6f7d83a78d25baddad57e4b9933c746"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
7
cd26b2ad795789367da9512b2b866256.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c769ef4341290e0897a12360ed7d5f0c5249e247f3739dd7db9b468d01c5101

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
age
4373775
edge-cache-tag
453815048964929669505372832004537801901,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
453815048964929669505372832004537801901,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
181
req-referer
https://ngfsemlimites.com.br/
content-length
26056
x-request-id
46d9b8909e593d28b9f25dbc74402956
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kcgs7200088-IAD, cache-chi-kigq8000162-CHI, cache-iad-kiad7000069-IAD, cache-ams21028-AMS
last-modified
Fri, 14 Oct 2022 06:32:03 GMT
server
nginx
x-timer
S1671960799.984773,VS0,VE1
etag
"71c5347e745b3adfede5477b6af395a6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 163, 1
1b30c8074e5e9448852ab7731ee7f26f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b30c8074e5e9448852ab7731ee7f26f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131ca26a22406402ec0b8046325e613a3f676656f2e8c084acf47593b0e3c491

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b30c8074e5e9448852ab7731ee7f26f.jpg
age
4995010
edge-cache-tag
447000356328588880061078606649094459767,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
447000356328588880061078606649094459767,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
160
expiration
expiry-date="Thu, 10 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.businessinsider.nl/
content-length
13650
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000146-IAD, cache-iad-kcgs7200080-IAD, cache-bur-kbur8200044-BUR, cache-iad-kcgs7200154-IAD, cache-ams21028-AMS
last-modified
Mon, 10 Oct 2022 13:41:29 GMT
server
nginx
x-timer
S1671960799.985267,VS0,VE0
etag
"d166a8ebb0071e351d259d40c5a74bc5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 9, 2
71352f34d606550336ba2655b990ba48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71352f34d606550336ba2655b990ba48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d736bc55b62afd124d442bfb955da229dd09c26701da60a13bdb159d1d70502

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71352f34d606550336ba2655b990ba48.jpg
age
5678704
edge-cache-tag
565824170887476501477424557250840718458,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
565824170887476501477424557250840718458,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
253
expiration
expiry-date="Fri, 11 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://smallbusiness.chron.com/
content-length
31506
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000144-IAD, cache-iad-kcgs7200041-IAD, cache-lga21930-LGA, cache-iad-kjyo7100045-IAD, cache-ams21028-AMS
last-modified
Tue, 11 Oct 2022 17:48:52 GMT
server
nginx
x-timer
S1671960799.986880,VS0,VE2
etag
"3420dd6a6f910805c9f55bbdbcf857e6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 42, 1
04d483ba80417d54d345dcec21369fa4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04d483ba80417d54d345dcec21369fa4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79a23502cb612df1b56a2b503e36646e190bc35539f4c75b9a01ee080cee7fe9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04d483ba80417d54d345dcec21369fa4.jpg
age
5000573
edge-cache-tag
467380262318169000064672630207746281195,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
467380262318169000064672630207746281195,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
95
expiration
expiry-date="Sat, 29 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
7290
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200170-IAD, cache-iad-kiad7000084-IAD, cache-lax10621-LGB, cache-iad-kjyo7100136-IAD, cache-ams21028-AMS
last-modified
Wed, 28 Sep 2022 14:38:42 GMT
server
nginx
x-timer
S1671960799.989646,VS0,VE0
etag
"ffadb1273241b3dceb56090b9fba577e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 159, 2
ded59d38fa6b34e237b30e32a07541b5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded59d38fa6b34e237b30e32a07541b5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d72a7cb167b2059955e372dcd3831e442a2441020e2a9a10b8c356f53f4c3c17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded59d38fa6b34e237b30e32a07541b5.jpg
age
4643844
edge-cache-tag
409065042830263401356241277056774261419,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
409065042830263401356241277056774261419,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
163
expiration
expiry-date="Wed, 09 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
19566
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100028-IAD, cache-iad-kcgs7200165-IAD, cache-lax10656-LGB, cache-iad-kjyo7100109-IAD, cache-ams21028-AMS
last-modified
Sun, 09 Oct 2022 20:41:20 GMT
server
nginx
x-timer
S1671960799.989895,VS0,VE1
etag
"58f1f7fc8aa7e5fecf6f3f9906827d53"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 10, 1
kgembjhotqvg3ujgdauf.mp4
cdn.taboola.com/libtrc/static/video/v1664655802/
920 KB
921 KB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1664655802/kgembjhotqvg3ujgdauf.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70c8929787e5f60c5793609864951c99e6a287f62b90eabfb6d63aafb022b1f0

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Ml53VrmzkJkxWFmnb7kOwmB9Dd1KHcyr
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish
x-amz-request-id
CMHP0902X1TG4KPA
age
112
x-cache
HIT
Content-Range
bytes 0-942588/942589
x-amz-replication-status
COMPLETED
Content-Length
942589
x-amz-id-2
IokW5iGEJXfoAk3dmkb0rKN4wc8LKEy/m5CEusWQrTY3rmKGpE3REfLIZAp8frhrhObkOei+v2w=
x-served-by
cache-ams21028-AMS
last-modified
Sat, 01 Oct 2022 20:23:35 GMT
server
AmazonS3
x-timer
S1671960799.991229,VS0,VE1
etag
"bf161ee8e956f7d997bf1d549789c8ad"
content-type
video/mp4;codecs=avc1
abp
49
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
zjqn76nsknkrccrrfpvx.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1665479085/
1 MB
1 MB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1665479085/zjqn76nsknkrccrrfpvx.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b96a7a71c27a646cbda3e1bd4aa5129d65c00175ff8aa277e454b5245af81b1

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
VzzJ3KuS0gIBbp1doppgbBzW1EXMJ7YD
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish
x-amz-request-id
PH3EWAX2P6WEMTN2
age
135
x-cache
HIT
Content-Range
bytes 0-1179569/1179570
x-amz-replication-status
COMPLETED
Content-Length
1179570
x-amz-id-2
LoCQWv7JTkMs1BdjmHbjxJ7+b+moFG55TAl7A5b/5zV6JRLs9hQd0RW7yr3MzyVxm1bLKim/JPc=
x-served-by
cache-ams21028-AMS
last-modified
Tue, 11 Oct 2022 09:05:05 GMT
server
AmazonS3
x-timer
S1671960799.992637,VS0,VE1
etag
"f61ce47bd6d2108d5710c2ea821d84b4"
content-type
video/mp4;codecs=avc1
abp
49
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
1315903508__TlJEeOMv.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1315903508__TlJEeOMv.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efeea233903598d262225826244276057043129b5f6eb416bdae85bb95da487c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1315903508__TlJEeOMv.jpg
age
1735718
edge-cache-tag
606196300228758864834632009369700832516,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
606196300228758864834632009369700832516,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
443
req-referer
https://www.20minutos.es/
content-length
7214
x-request-id
7442e6e4ee024c89376a82b3cf762a3d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kjyo7100026-IAD, cache-lga21968-LGA, cache-iad-kiad7000060-IAD, cache-ams21028-AMS
last-modified
Fri, 02 Dec 2022 18:53:03 GMT
server
nginx
x-timer
S1671960799.997039,VS0,VE0
etag
"2b6f4980610168e83fad43b00b87fa0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
e3b15ddd281a120c31e529cc438c7365.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3b15ddd281a120c31e529cc438c7365.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d856986d2afb672711a7dc587c048bd771c41ef0dd7630145c2485bdae7ae8bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3b15ddd281a120c31e529cc438c7365.jpg
age
2569083
edge-cache-tag
353199463555347155079904151609787329842,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
353199463555347155079904151609787329842,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
579
req-referer
https://www.standard.co.uk/
content-length
22342
x-request-id
ca5e10d2bacf26a03982d2ec300e3c77
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200026-IAD, cache-iad-kcgs7200049-IAD, cache-chi-kigq8000179-CHI, cache-iad-kiad7000127-IAD, cache-ams21028-AMS
last-modified
Wed, 23 Nov 2022 11:05:37 GMT
server
nginx
x-timer
S1671960799.999783,VS0,VE0
etag
"0962a73759b7700f644c85c3a5caf13b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 27, 2
2efa58af16a1a471560230d9dec4322a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2efa58af16a1a471560230d9dec4322a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e7026ead91b7e20a029ea2277b77776db07632aa458a1fad3c061c6c3878966

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2efa58af16a1a471560230d9dec4322a.jpg
age
1619783
edge-cache-tag
398862208395350983177590745003721449110,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
398862208395350983177590745003721449110,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
435
req-referer
https://www.sport.es/es/noticias/futbol-internacional/juventus-expulsada-serie-79630019
content-length
9552
x-request-id
2cd983ad5fc30a13753e2c11b9254274
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200107-IAD, cache-iad-kjyo7100049-IAD, cache-bur-kbur8200173-BUR, cache-iad-kjyo7100029-IAD, cache-ams21028-AMS
last-modified
Tue, 06 Dec 2022 09:23:12 GMT
server
nginx
x-timer
S1671960799.001148,VS0,VE0
etag
"66c1577d0b5fb093595fa398cc696f5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
70b62617a1c480281b030e03ca8f5f15.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b62617a1c480281b030e03ca8f5f15.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5b49e606e69f8c211f4ed4770cf0512bcfab983c7a27e48efa7330052ebc749

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b62617a1c480281b030e03ca8f5f15.jpg
age
1653589
edge-cache-tag
409643091845538623124799372097862416321,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
409643091845538623124799372097862416321,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
643
req-referer
https://www.sarugbymag.co.za/
content-length
32198
x-request-id
61ac62631019fb34ecbd3639f74e571a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000120-IAD, cache-iad-kiad7000068-IAD, cache-bur-kbur8200089-BUR, cache-iad-kiad7000062-IAD, cache-ams21028-AMS
last-modified
Fri, 02 Dec 2022 16:12:07 GMT
server
nginx
x-timer
S1671960799.006758,VS0,VE0
etag
"480fd1ee4f7750c99f314657de9bd870"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
i-Stock-1357383797.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/PNfwpxy/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/PNfwpxy/i-Stock-1357383797.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c620f4e6059fbc031b6c60630aa31ba6bff37c561046fd784c8edd4d60e8d305

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/PNfwpxy/i-Stock-1357383797.jpg
age
4492474
edge-cache-tag
464504639619119679946042351348528722124,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
464504639619119679946042351348528722124,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
41
req-referer
https://www.lefigaro.fr/sports/football/ligue-1/vente-de-l-ol-a-john-textor-tout-comprendre-sur-l-operation-20221209
content-length
7390
x-request-id
886e1f5157446f99661c73f4350dcf5c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100101-IAD, cache-iad-kiad7000054-IAD, cache-bur-kbur8200150-BUR, cache-iad-kjyo7100033-IAD, cache-ams21028-AMS
last-modified
Thu, 03 Nov 2022 07:03:48 GMT
server
nginx
x-timer
S1671960799.021094,VS0,VE0
etag
"15cc6af9bccf8e9a1a5beccfd208cf4e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 2, 2
dda46d0d8e6362cea928737d53469aee.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dda46d0d8e6362cea928737d53469aee.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcee1877688667365b8310d90db9779ec29c05827a8add6364de0d09afa94fec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dda46d0d8e6362cea928737d53469aee.jpeg
age
3031231
edge-cache-tag
584598980370965678171468224623832378951,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
584598980370965678171468224623832378951,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
90
expiration
expiry-date="Sat, 17 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://article.auone.jp/
content-length
25294
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kcgs7200101-IAD, cache-chi-klot8100071-CHI, cache-iad-kcgs7200173-IAD, cache-ams21028-AMS
last-modified
Wed, 16 Nov 2022 17:44:18 GMT
server
nginx
x-timer
S1671960799.021216,VS0,VE0
etag
"4edfdfe5352b5d8c49cb13b5c67b8811"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 42, 2
cd26b2ad795789367da9512b2b866256.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c769ef4341290e0897a12360ed7d5f0c5249e247f3739dd7db9b468d01c5101

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
age
4373775
edge-cache-tag
453815048964929669505372832004537801901,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
453815048964929669505372832004537801901,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
181
req-referer
https://ngfsemlimites.com.br/
content-length
26056
x-request-id
46d9b8909e593d28b9f25dbc74402956
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kcgs7200088-IAD, cache-chi-kigq8000162-CHI, cache-iad-kiad7000069-IAD, cache-ams21028-AMS
last-modified
Fri, 14 Oct 2022 06:32:03 GMT
server
nginx
x-timer
S1671960799.049571,VS0,VE0
etag
"71c5347e745b3adfede5477b6af395a6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 163, 2
71352f34d606550336ba2655b990ba48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
31 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71352f34d606550336ba2655b990ba48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d736bc55b62afd124d442bfb955da229dd09c26701da60a13bdb159d1d70502

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71352f34d606550336ba2655b990ba48.jpg
age
5678704
edge-cache-tag
565824170887476501477424557250840718458,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
565824170887476501477424557250840718458,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
253
expiration
expiry-date="Fri, 11 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://smallbusiness.chron.com/
content-length
31506
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000144-IAD, cache-iad-kcgs7200041-IAD, cache-lga21930-LGA, cache-iad-kjyo7100045-IAD, cache-ams21028-AMS
last-modified
Tue, 11 Oct 2022 17:48:52 GMT
server
nginx
x-timer
S1671960799.049552,VS0,VE0
etag
"3420dd6a6f910805c9f55bbdbcf857e6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 42, 2
ded59d38fa6b34e237b30e32a07541b5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded59d38fa6b34e237b30e32a07541b5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d72a7cb167b2059955e372dcd3831e442a2441020e2a9a10b8c356f53f4c3c17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded59d38fa6b34e237b30e32a07541b5.jpg
age
4643844
edge-cache-tag
409065042830263401356241277056774261419,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
409065042830263401356241277056774261419,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
163
expiration
expiry-date="Wed, 09 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
19566
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100028-IAD, cache-iad-kcgs7200165-IAD, cache-lax10656-LGB, cache-iad-kjyo7100109-IAD, cache-ams21028-AMS
last-modified
Sun, 09 Oct 2022 20:41:20 GMT
server
nginx
x-timer
S1671960799.049818,VS0,VE0
etag
"58f1f7fc8aa7e5fecf6f3f9906827d53"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 10, 2
cd26b2ad795789367da9512b2b866256.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8821eb97d46a661a62b6ab6aca701122b49705dd683d3e5c1c9b316726f8659d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
age
3002726
edge-cache-tag
453815048964929669505372832004537801901,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
453815048964929669505372832004537801901,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
73
expiration
expiry-date="Fri, 02 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nme.com/
content-length
7168
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200041-IAD, cache-iad-kcgs7200079-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000098-IAD, cache-ams21028-AMS
last-modified
Tue, 01 Nov 2022 05:48:18 GMT
server
nginx
x-timer
S1671960799.069607,VS0,VE1
etag
"6cce997194265e5b2dbf7f4e3f8c49ed"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 14, 1
kgembjhotqvg3ujgdauf.mp4
cdn.taboola.com/libtrc/static/video/v1664655802/
104 KB
0
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video/v1664655802/kgembjhotqvg3ujgdauf.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Ml53VrmzkJkxWFmnb7kOwmB9Dd1KHcyr
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish
x-amz-request-id
CMHP0902X1TG4KPA
age
112
x-cache
HIT
Content-Range
bytes 0-942588/942589
x-amz-replication-status
COMPLETED
Content-Length
942589
x-amz-id-2
IokW5iGEJXfoAk3dmkb0rKN4wc8LKEy/m5CEusWQrTY3rmKGpE3REfLIZAp8frhrhObkOei+v2w=
x-served-by
cache-ams21028-AMS
last-modified
Sat, 01 Oct 2022 20:23:35 GMT
server
AmazonS3
x-timer
S1671960799.069737,VS0,VE1
etag
"bf161ee8e956f7d997bf1d549789c8ad"
content-type
video/mp4;codecs=avc1
abp
49
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
ctrack
track1.avplayer.com/
0
145 B
Image
General
Full URL
http://track1.avplayer.com/ctrack?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&cb=1671960799083&e=cpst&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6
Protocol
HTTP/1.1
Server
52.72.235.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-235-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
ctrack
track1.avplayer.com/
0
145 B
Image
General
Full URL
http://track1.avplayer.com/ctrack?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&cb=1671960799084&e=cply&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6
Protocol
HTTP/1.1
Server
52.72.235.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-235-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
cd26b2ad795789367da9512b2b866256.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8821eb97d46a661a62b6ab6aca701122b49705dd683d3e5c1c9b316726f8659d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd26b2ad795789367da9512b2b866256.jpg
age
3002726
edge-cache-tag
453815048964929669505372832004537801901,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
453815048964929669505372832004537801901,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
73
expiration
expiry-date="Fri, 02 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nme.com/
content-length
7168
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200041-IAD, cache-iad-kcgs7200079-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000098-IAD, cache-ams21028-AMS
last-modified
Tue, 01 Nov 2022 05:48:18 GMT
server
nginx
x-timer
S1671960799.112908,VS0,VE0
etag
"6cce997194265e5b2dbf7f4e3f8c49ed"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 14, 2
st
imprammp.taboola.com/ Frame 9C6D
742 B
764 B
Document
General
Full URL
http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&cmcv=&pix=undefined&cb=1671960799283&uv=3246&tms=1671960799283&abt=nrlc_vA!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=75c23438-0a49-4433-aa54-fb1bd2346d55&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 25 Dec 2022 09:33:19 GMT
Server
nginx
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-ams21061-AMS
X-Timer
S1671960799.324953,VS0,VE3
transfer-encoding
chunked
sync
am-match.taboola.com/ Frame C585
742 B
836 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 25 Dec 2022 09:33:19 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/
0
112 B
Image
General
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&cmcv=&pix=31589837&cb=1671960799283&uv=3246&tms=1671960799283&abt=nrlc_vA!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1671960797201.2!ts:1671960799283&mntl=1
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 09:33:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 9C6D
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&cmcv=&pix=undefined&cb=1671960799283&uv=3246&tms=1671960799283&abt=nrlc_vA!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=75c23438-0a49-4433-aa54-fb1bd2346d55&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 9C6D
43 B
182 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&cmcv=&pix=undefined&cb=1671960799283&uv=3246&tms=1671960799283&abt=nrlc_vA!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=75c23438-0a49-4433-aa54-fb1bd2346d55&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:6839:a1d8:f51b:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 25 Dec 2022 09:33:19 GMT
server
Apache-Coyote/1.1
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9C6D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
0
98 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&cmcv=&pix=undefined&cb=1671960799283&uv=3246&tms=1671960799283&abt=nrlc_vA!smbs!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=75c23438-0a49-4433-aa54-fb1bd2346d55&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12722

Redirect headers

Date
Sun, 25 Dec 2022 09:33:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
87
Connection
keep-alive
Content-Length
0
sync
taboola-supply-partners.tremorhub.com/ Frame C585
43 B
183 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:6839:a1d8:f51b:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 25 Dec 2022 09:33:19 GMT
server
Apache-Coyote/1.1
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame C585
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C585
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
0
98 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7lmQCFgOGRIYd-quMFASGRIYd-quMFAUAAAAGBvQHJLfaWDajzXAtWJiWa9Fos1krHK7RWmZxTEyWzWg2cq2GQHKrjWUz2gzXgoVpuRaNNpu1wuEarWUWx8Rk2YxmI9dqCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAlBsCTiRHQrg9p5fl5HD7AwAAAAAEAAAAgARgwPC7BICia_Lk_________z9mgD7zRub_____xqAH4MEH4EEIAADAYmg3paXYKzyohagAt4gRAAAAQAmMV8rRpE6oLKr-___7rQCuAAACCpFCSSqydAcl3sIAAAAAxhboYfH7zQ67xu922f________-_2f_ZP5pQVOFHGlCnB67aLyAAwNovIAAA27gBALwFwAUdQSsGg9Ul0GCzmSxmq-HsAAAAAO7-____9UDCY3FYbLaNy-QZeSzDzW60MsxGs8lktFjNbDPf9tgYaaq3lNdy-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwuTGMHIudrO1xrhxrUWDkWEtnC0cbpnJ5hm5TBbbzLdYi14f08PhWK5cKy8KBqDsRfK0SCci02ywGM02w8nKOdmNVpvFwuPamFzG4cbislhWE7FEc7JIJ7LLvuGxOCw228Zl8ow8luFmN1oZZqPZZDJarGa2mW_f3BhGzsVuttYYN661aDAyrIWzhcMtM9k8I5fJYpv5FmvR62N6OBzLlWvlb8x2i-VssFsO943ZbrGcDXbL4b7DZHqmPmejuJaTeGzOkOgmttocBoXLYPH-jhZp7NabGVW2scViGoamn4lV6Pf7_X6_3-_3-70bs8FjMBh-to56LTaWv12nTGQwKGKJ4CKdqM6my8PzutzcqrPp8vC8LjeLWKI0XaQTfdHvdhkePpe_IpYIThfpROh3uyzqPy7Mbi4azpWjuWixSgAAAAAAAAAAS5gzbwIAAABwGshmsdis1nkQm81otlstFwAifl4XAAAAAAAAAGAXvShs3Eov1a648eOJOpsuD8_rcnOrzqbLw_O63KwMABHPzrz5M0Gs1WpZAwAACGADAAAEcOvmLeBEiv____-PAwAAkJGjBwAAoN8HmopbL_TAlQI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12722

Redirect headers

Date
Sun, 25 Dec 2022 09:33:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2acd1e0a-8437-11ed-9a53-1626150c0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
133
Connection
keep-alive
Content-Length
0
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=83e5003597d2fd85e752480bd8ad808a&sd=v2_acbabf6ced3dc28374e064622415f6f7_9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e_1671960798_1671960798_CIi3jgYQ8-NDGM3HhMXUMCABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaO-GzZX1y7WSLHAA&ui=9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e&pi=/&wi=-1709852854480885386&pt=home&vi=1671960798157&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1671960799429%7D&tim=09%3A33%3A19.429&id=7921&llvl=2&cv=20221222-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
b77dfc336ceccb44669fe0866dcf8fed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
40 KB
40 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b77dfc336ceccb44669fe0866dcf8fed.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6faf5ab54bc8712102ae305c9d5c61d02a75acc6b9af052231cadb82ace9524e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b77dfc336ceccb44669fe0866dcf8fed.jpg
age
7099907
edge-cache-tag
402759352835069502422139078257155733531,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
402759352835069502422139078257155733531,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
238
expiration
expiry-date="Fri, 07 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thenationonlineng.net/
content-length
40510
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000132-IAD, cache-iad-kiad7000075-IAD, cache-lga21925-LGA, cache-iad-kcgs7200093-IAD, cache-ams21028-AMS
last-modified
Tue, 06 Sep 2022 18:26:49 GMT
server
nginx
x-timer
S1671960799.440860,VS0,VE2
etag
"7ed870bf42464c1c791a965a9400048f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 19, 1
4e8cd739-d843-4249-bac6-0dbb22562694.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vision.media.net/new/1200x800/2/99/114/11/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vision.media.net/new/1200x800/2/99/114/11/4e8cd739-d843-4249-bac6-0dbb22562694.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d4a3eac156e88cbc3c208525578a066c971b709c61c9aeba6b35af0ba4bd8aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vision.media.net/new/1200x800/2/99/114/11/4e8cd739-d843-4249-bac6-0dbb22562694.jpg
age
6879048
edge-cache-tag
479816540596526950421796085854743776726,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
479816540596526950421796085854743776726,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
272
expiration
expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.standard.co.uk/
content-length
5606
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kcgs7200117-IAD, cache-lga21930-LGA, cache-iad-kcgs7200173-IAD, cache-ams21028-AMS
last-modified
Mon, 19 Sep 2022 10:53:55 GMT
server
nginx
x-timer
S1671960799.440986,VS0,VE1
etag
"e02878e34786d60de42fe73c36f92547"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 393, 1
ff5709dcbc23eafa0c8baeaab35a6209.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5709dcbc23eafa0c8baeaab35a6209.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7264e26700ada552a121d4e0239742315c84baa4eb000534e938e48eafe7a505

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5709dcbc23eafa0c8baeaab35a6209.jpg
age
3969635
edge-cache-tag
593497592750883036363682350151639553262,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
593497592750883036363682350151639553262,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
644
req-referer
https://segredosdagastronomia.online/receita-de-bolo-de-chocolate-simples/
content-length
9456
x-request-id
646bb4ee3d9460789eb820c5c72f0e80
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000147-IAD, cache-iad-kiad7000125-IAD, cache-lax10630-LGB, cache-iad-kiad7000159-IAD, cache-ams21028-AMS
last-modified
Sat, 15 Oct 2022 21:52:01 GMT
server
nginx
x-timer
S1671960799.441162,VS0,VE1
etag
"35f0d456e7eb41489c82bdc1230ebdd2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 13, 1
a52694bb11cc784dfe8a919911bab483.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a52694bb11cc784dfe8a919911bab483.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a04b584cdf2d5adb89b8fceb0b34c55042c7d3e558aec895162b8726d0121e2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a52694bb11cc784dfe8a919911bab483.jpg
age
1620615
edge-cache-tag
346669282651413391483765207473606581025,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
346669282651413391483765207473606581025,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
125
req-referer
https://sports.ndtv.com/
content-length
26366
x-request-id
c15890a95fe2809c2f6c4d90f9ae4831
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200052-IAD, cache-iad-kiad7000094-IAD, cache-bur-kbur8200021-BUR, cache-iad-kcgs7200151-IAD, cache-ams21028-AMS
last-modified
Tue, 06 Dec 2022 09:19:47 GMT
server
nginx
x-timer
S1671960799.441287,VS0,VE1
etag
"966ccfb03cdc6ecbe9b9f6ccf2cb01b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
1819f60844d8a99f4ab19ee6a2709747.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1819f60844d8a99f4ab19ee6a2709747.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b43c8439864ae8b54b6b6e1bc7ef3edda1e48309bf96e6757b369068ec1e730

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1819f60844d8a99f4ab19ee6a2709747.png
age
2164674
edge-cache-tag
433958890946716870555032778876321501080,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
433958890946716870555032778876321501080,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
131
expiration
expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.index.hr/
content-length
17874
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kiad7000106-IAD, cache-bur-kbur8200123-BUR, cache-iad-kjyo7100074-IAD, cache-ams21028-AMS
last-modified
Mon, 21 Nov 2022 16:22:21 GMT
server
nginx
x-timer
S1671960799.441584,VS0,VE1
etag
"87c6c916ced80f0da6fcb261780859e9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 1
4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea6a5d19e996a6a02fc6a25098e6918b6c7eecb3a31cf3869f067bf89fa2e0dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age
7697957
edge-cache-tag
535745196937353868742743497463140311808,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
535745196937353868742743497463140311808,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
89
expiration
expiry-date="Wed, 26 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ccm.net/apps-sites/software/1667-how-to-export-ppt-to-pdf-with-hyperlinks/
content-length
11018
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200021-IAD, cache-iad-kcgs7200164-IAD, cache-lax10670-LGB, cache-iad-kcgs7200048-IAD, cache-ams21028-AMS
last-modified
Sun, 25 Sep 2022 17:42:09 GMT
server
nginx
x-timer
S1671960799.441720,VS0,VE1
etag
"443a53da194b34fe8b33720cc2da9dd9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 4272, 1
00e882684cf172127b286de95b21cfa7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
27 KB
28 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00e882684cf172127b286de95b21cfa7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fb5a43b96b4a70892eb327e29120fbaecba1265ad20f9f3817840ab3ae13e51

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00e882684cf172127b286de95b21cfa7.jpg
age
7606933
edge-cache-tag
375270271752210692240939355830637670937,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
375270271752210692240939355830637670937,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
228
expiration
expiry-date="Wed, 26 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
27544
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000132-IAD, cache-iad-kcgs7200137-IAD, cache-lga21928-LGA, cache-iad-kjyo7100071-IAD, cache-ams21028-AMS
last-modified
Sun, 25 Sep 2022 22:01:10 GMT
server
nginx
x-timer
S1671960799.460638,VS0,VE1
etag
"aedb4914a5ddb116015dc066cb9c7f9d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 121, 1
8f926cdb0f202370d45a9ba6a6a98e67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f926cdb0f202370d45a9ba6a6a98e67.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05206ff71f7393516a2e381ad17f1f185ebe3af8d8e8877c4e719b6f5a5e5558

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f926cdb0f202370d45a9ba6a6a98e67.jpg
age
3982829
edge-cache-tag
301003305883573649932939764359177753946,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
301003305883573649932939764359177753946,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Fri, 18 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ligaportal.at/
content-length
20744
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000113-IAD, cache-iad-kjyo7100091-IAD, cache-lax10663-LGB, cache-iad-kiad7000073-IAD, cache-ams21028-AMS
last-modified
Tue, 18 Oct 2022 20:48:27 GMT
server
nginx
x-timer
S1671960799.460733,VS0,VE0
etag
"e735419d0a71bbafb62d84d0a78f21e1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 46, 4
0d7d175bdabc72cfe50169281e6c9830.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d7d175bdabc72cfe50169281e6c9830.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
accdfc23ad2048716bf3ad944cc19495cd296de1d9cd10c849f3044b52c6ec46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d7d175bdabc72cfe50169281e6c9830.png
age
2158553
edge-cache-tag
615908060335463436059958277025865151038,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
615908060335463436059958277025865151038,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://sports.ndtv.com/
content-length
24538
x-request-id
a54205dde955489812a891b8f92a6cf9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100118-IAD, cache-lga21952-LGA, cache-iad-kiad7000089-IAD, cache-ams21028-AMS
last-modified
Wed, 30 Nov 2022 07:27:15 GMT
server
nginx
x-timer
S1671960799.461068,VS0,VE1
etag
"ec6c326d572eafd194be1d146be10390"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
ce58464a20a85730e2117eccca150bf0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce58464a20a85730e2117eccca150bf0.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be2035ab5cd8eb913d70e2bb09d1c3a40f9fbe93a884da97ea473b0662924d36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce58464a20a85730e2117eccca150bf0.jpeg
age
5876718
edge-cache-tag
570227965084011161870547011466456528677,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
570227965084011161870547011466456528677,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
119
req-referer
https://www.sozcu.com.tr/
content-length
19930
x-request-id
abd1b36d12c879db58594752039e6a3d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000034-IAD, cache-iad-kiad7000049-IAD, cache-lax10674-LGB, cache-iad-kiad7000097-IAD, cache-ams21028-AMS
last-modified
Tue, 11 Oct 2022 22:37:17 GMT
server
nginx
x-timer
S1671960799.461056,VS0,VE6
etag
"65c8fd8bd75f5f5c13060a66d7036b0c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 46, 1
53e7fbb90517a7e450c5d5ee4cea11c5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53e7fbb90517a7e450c5d5ee4cea11c5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec7ddeb661434561e45b0c83f42bc5cb11ea4e9f72fd8ee906fd6044bad9f0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53e7fbb90517a7e450c5d5ee4cea11c5.jpg
age
1073745
edge-cache-tag
450468630811888763691325585219509090023,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
450468630811888763691325585219509090023,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
546
req-referer
https://m.belfasttelegraph.co.uk/
content-length
8876
x-request-id
bbc7be5b119f6c411aa426ef59d86a17
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kcgs7200086-IAD, cache-bur-kbur8200027-BUR, cache-iad-kjyo7100116-IAD, cache-ams21028-AMS
last-modified
Mon, 12 Dec 2022 17:02:54 GMT
server
nginx
x-timer
S1671960799.461034,VS0,VE1
etag
"59c8d5c8245c79816abe4c692971f498"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
e90a78861cddc944f326e8b14e22d129.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e90a78861cddc944f326e8b14e22d129.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f79f708b0410e96cf1369d93f72e8ee698bc9b8dc4f5cd45fe94212c0dd5ec1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e90a78861cddc944f326e8b14e22d129.jpg
age
2764036
edge-cache-tag
389036002246897603241802190447944376582,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
389036002246897603241802190447944376582,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
616
req-referer
https://www.corriere.it/economia/lavoro/22_novembre_22/reddito-cittadinanza-come-cambiano-requisiti-2023-sara-abolito-2024-5a486ac6-6a46-11ed-a550-30a162b39b6b.shtml
content-length
8008
x-request-id
e791bf66b612720aeec6d13e021b857e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000124-IAD, cache-iad-kcgs7200102-IAD, cache-chi-klot8100145-CHI, cache-iad-kiad7000069-IAD, cache-ams21028-AMS
last-modified
Tue, 22 Nov 2022 22:47:43 GMT
server
nginx
x-timer
S1671960799.461017,VS0,VE0
etag
"38c461bf24cf2bbcc6a2b99c9c84c801"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 5
0d61d591f7082ca99ef0825b35dd50d6.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d61d591f7082ca99ef0825b35dd50d6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
239433c0ce308323ba760276d64ea026d84c6c036fb2b734477798a7b2fe79b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d61d591f7082ca99ef0825b35dd50d6.jpg
age
7401487
edge-cache-tag
397095306480012244555828513413672693575,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
cache-tag
397095306480012244555828513413672693575,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
531
req-referer
https://www.kiro7.com/
content-length
22424
x-request-id
9b4a00fb146b2ad5b68f509a18e26baa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200024-IAD, cache-iad-kiad7000128-IAD, cache-bur-kbur8200028-BUR, cache-iad-kiad7000139-IAD, cache-ams21028-AMS
last-modified
Mon, 05 Sep 2022 12:56:07 GMT
server
nginx
x-timer
S1671960799.478869,VS0,VE0
etag
"1ab5aeaab8209917894102c6288ebd80"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5262, 954
6b90d3372bbca0ca98e8fc51c525d12f.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_643,y_382/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_643,y_382/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b90d3372bbca0ca98e8fc51c525d12f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c61b294df1382d1388a2f2f39137f69d035b4f46a9799f880d65300d91f4fd8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_643,y_382/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b90d3372bbca0ca98e8fc51c525d12f.jpg
age
2914709
edge-cache-tag
440450280754044789045123376759897040510,327077206491944527596155253279365245713,29ecf9b93bbf306179626feeda1fab70
cache-tag
440450280754044789045123376759897040510,327077206491944527596155253279365245713,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
190
expiration
expiry-date="Sun, 11 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.history.co.uk/
content-length
13828
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100116-IAD, cache-iad-kiad7000030-IAD, cache-lga21978-LGA, cache-iad-kjyo7100082-IAD, cache-ams21028-AMS
last-modified
Thu, 10 Nov 2022 16:23:30 GMT
server
nginx
x-timer
S1671960799.478846,VS0,VE1
etag
"b73e8ea4c0a2a46e8c69630a1b6c0353"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 63, 1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DCA5
372 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Sun, 25 Dec 2022 09:33:19 GMT
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame DCA5
174 KB
55 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu5TPWlxCG8UVlj2K-iBLXDHsN9P8s-2McOJjCvNLd-MNN_-bwhMMP7d9vi6Bh9-5VpCXrQQGjxLHAl1WHJwK0zUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55951
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"848612c9b5fc41ff4495ce51cdc24e14"
vary
Accept-Encoding
x-goog-generation
1670919212995289
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=fdkd8w==, md5=hIYSybX8Qf9Elc5RzcJOFA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
55951
accept-ranges
bytes
expires
Sun, 25 Dec 2022 09:43:19 GMT
/
serv.vidcrunch.com/api/adserver/tag/
11 KB
2 KB
XHR
General
Full URL
https://serv.vidcrunch.com/api/adserver/tag/?AV_DNTCHECK=1&AV_VIDEOURL=https%3A%2F%2Fcdn.vidcrunch.com%2Fintegrations%2F62df7d0fd29282460c39aff8%2F62df7da6d292823c0039affb%2Fd6932a57bc3c672a0b73ae0d14418d3e.mp4%3FchannelId&veid=8d07283d1601710af947f7fb0b55d51d&AV_SLOTT=-2&AV_SECURED=0&AV_LANGUAGE=en&AV_URL=http%3A%2F%2Fultrasurfing.com%2F&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&AV_CHANNELID=62df7c7bac65d13f1813cc8e&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ultrasurfing.com&AV_DADPOS=1&d36=6.2.68&responsive=1&sver=3&avtoken=799470&omv=1.0.1&AV_D66=8.2.6&clsid=89672400-165f-4895-bb12-4d5ce509d7ad&rando=89&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1671960799474&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.111.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-111-211.compute-1.amazonaws.com
Software
/
Resource Hash
94b05a343f3630fa512da75aeded34f503f8155e5f1d623dc5ff190c6cbcadd5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Dec 2022 19:46:39 GMT
track
servt.vidcrunch.com/
0
70 B
Image
General
Full URL
https://servt.vidcrunch.com/track?r=ultrasurfing.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.68&apppkg=&fv=1&proto=http&d66=8.2.6&clsid=89672400-165f-4895-bb12-4d5ce509d7ad&rando=89&pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&stagid=&stplid=&e=inventory&vi=100&cb=1671960799473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.46.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-46-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
4e8cd739-d843-4249-bac6-0dbb22562694.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vision.media.net/new/1200x800/2/99/114/11/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vision.media.net/new/1200x800/2/99/114/11/4e8cd739-d843-4249-bac6-0dbb22562694.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d4a3eac156e88cbc3c208525578a066c971b709c61c9aeba6b35af0ba4bd8aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vision.media.net/new/1200x800/2/99/114/11/4e8cd739-d843-4249-bac6-0dbb22562694.jpg
age
6879048
edge-cache-tag
479816540596526950421796085854743776726,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
479816540596526950421796085854743776726,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
272
expiration
expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.standard.co.uk/
content-length
5606
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kcgs7200117-IAD, cache-lga21930-LGA, cache-iad-kcgs7200173-IAD, cache-ams21028-AMS
last-modified
Mon, 19 Sep 2022 10:53:55 GMT
server
nginx
x-timer
S1671960800.501643,VS0,VE0
etag
"e02878e34786d60de42fe73c36f92547"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 393, 2
ff5709dcbc23eafa0c8baeaab35a6209.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5709dcbc23eafa0c8baeaab35a6209.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7264e26700ada552a121d4e0239742315c84baa4eb000534e938e48eafe7a505

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5709dcbc23eafa0c8baeaab35a6209.jpg
age
3969635
edge-cache-tag
593497592750883036363682350151639553262,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
593497592750883036363682350151639553262,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
644
req-referer
https://segredosdagastronomia.online/receita-de-bolo-de-chocolate-simples/
content-length
9456
x-request-id
646bb4ee3d9460789eb820c5c72f0e80
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000147-IAD, cache-iad-kiad7000125-IAD, cache-lax10630-LGB, cache-iad-kiad7000159-IAD, cache-ams21028-AMS
last-modified
Sat, 15 Oct 2022 21:52:01 GMT
server
nginx
x-timer
S1671960800.501628,VS0,VE0
etag
"35f0d456e7eb41489c82bdc1230ebdd2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 13, 2
a52694bb11cc784dfe8a919911bab483.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a52694bb11cc784dfe8a919911bab483.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a04b584cdf2d5adb89b8fceb0b34c55042c7d3e558aec895162b8726d0121e2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a52694bb11cc784dfe8a919911bab483.jpg
age
1620615
edge-cache-tag
346669282651413391483765207473606581025,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
346669282651413391483765207473606581025,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
125
req-referer
https://sports.ndtv.com/
content-length
26366
x-request-id
c15890a95fe2809c2f6c4d90f9ae4831
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200052-IAD, cache-iad-kiad7000094-IAD, cache-bur-kbur8200021-BUR, cache-iad-kcgs7200151-IAD, cache-ams21028-AMS
last-modified
Tue, 06 Dec 2022 09:19:47 GMT
server
nginx
x-timer
S1671960800.501925,VS0,VE0
etag
"966ccfb03cdc6ecbe9b9f6ccf2cb01b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 2
1819f60844d8a99f4ab19ee6a2709747.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1819f60844d8a99f4ab19ee6a2709747.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b43c8439864ae8b54b6b6e1bc7ef3edda1e48309bf96e6757b369068ec1e730

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1819f60844d8a99f4ab19ee6a2709747.png
age
2164674
edge-cache-tag
433958890946716870555032778876321501080,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
433958890946716870555032778876321501080,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
131
expiration
expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.index.hr/
content-length
17874
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kiad7000106-IAD, cache-bur-kbur8200123-BUR, cache-iad-kjyo7100074-IAD, cache-ams21028-AMS
last-modified
Mon, 21 Nov 2022 16:22:21 GMT
server
nginx
x-timer
S1671960800.501931,VS0,VE0
etag
"87c6c916ced80f0da6fcb261780859e9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 2
4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea6a5d19e996a6a02fc6a25098e6918b6c7eecb3a31cf3869f067bf89fa2e0dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age
7697957
edge-cache-tag
535745196937353868742743497463140311808,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
535745196937353868742743497463140311808,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
89
expiration
expiry-date="Wed, 26 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ccm.net/apps-sites/software/1667-how-to-export-ppt-to-pdf-with-hyperlinks/
content-length
11018
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200021-IAD, cache-iad-kcgs7200164-IAD, cache-lax10670-LGB, cache-iad-kcgs7200048-IAD, cache-ams21028-AMS
last-modified
Sun, 25 Sep 2022 17:42:09 GMT
server
nginx
x-timer
S1671960800.501892,VS0,VE0
etag
"443a53da194b34fe8b33720cc2da9dd9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 4272, 2
b77dfc336ceccb44669fe0866dcf8fed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
40 KB
40 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b77dfc336ceccb44669fe0866dcf8fed.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6faf5ab54bc8712102ae305c9d5c61d02a75acc6b9af052231cadb82ace9524e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b77dfc336ceccb44669fe0866dcf8fed.jpg
age
7099907
edge-cache-tag
402759352835069502422139078257155733531,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
402759352835069502422139078257155733531,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
238
expiration
expiry-date="Fri, 07 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thenationonlineng.net/
content-length
40510
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000132-IAD, cache-iad-kiad7000075-IAD, cache-lga21925-LGA, cache-iad-kcgs7200093-IAD, cache-ams21028-AMS
last-modified
Tue, 06 Sep 2022 18:26:49 GMT
server
nginx
x-timer
S1671960800.505993,VS0,VE0
etag
"7ed870bf42464c1c791a965a9400048f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 19, 2
00e882684cf172127b286de95b21cfa7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
27 KB
28 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00e882684cf172127b286de95b21cfa7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fb5a43b96b4a70892eb327e29120fbaecba1265ad20f9f3817840ab3ae13e51

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00e882684cf172127b286de95b21cfa7.jpg
age
7606933
edge-cache-tag
375270271752210692240939355830637670937,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
375270271752210692240939355830637670937,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
228
expiration
expiry-date="Wed, 26 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
27544
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000132-IAD, cache-iad-kcgs7200137-IAD, cache-lga21928-LGA, cache-iad-kjyo7100071-IAD, cache-ams21028-AMS
last-modified
Sun, 25 Sep 2022 22:01:10 GMT
server
nginx
x-timer
S1671960800.526400,VS0,VE0
etag
"aedb4914a5ddb116015dc066cb9c7f9d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 121, 2
8f926cdb0f202370d45a9ba6a6a98e67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f926cdb0f202370d45a9ba6a6a98e67.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05206ff71f7393516a2e381ad17f1f185ebe3af8d8e8877c4e719b6f5a5e5558

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f926cdb0f202370d45a9ba6a6a98e67.jpg
age
3982829
edge-cache-tag
301003305883573649932939764359177753946,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
301003305883573649932939764359177753946,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Fri, 18 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ligaportal.at/
content-length
20744
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000113-IAD, cache-iad-kjyo7100091-IAD, cache-lax10663-LGB, cache-iad-kiad7000073-IAD, cache-ams21028-AMS
last-modified
Tue, 18 Oct 2022 20:48:27 GMT
server
nginx
x-timer
S1671960800.526732,VS0,VE0
etag
"e735419d0a71bbafb62d84d0a78f21e1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 46, 5
0d7d175bdabc72cfe50169281e6c9830.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d7d175bdabc72cfe50169281e6c9830.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
accdfc23ad2048716bf3ad944cc19495cd296de1d9cd10c849f3044b52c6ec46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d7d175bdabc72cfe50169281e6c9830.png
age
2158553
edge-cache-tag
615908060335463436059958277025865151038,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
615908060335463436059958277025865151038,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://sports.ndtv.com/
content-length
24538
x-request-id
a54205dde955489812a891b8f92a6cf9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100118-IAD, cache-lga21952-LGA, cache-iad-kiad7000089-IAD, cache-ams21028-AMS
last-modified
Wed, 30 Nov 2022 07:27:15 GMT
server
nginx
x-timer
S1671960800.526730,VS0,VE0
etag
"ec6c326d572eafd194be1d146be10390"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
ce58464a20a85730e2117eccca150bf0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce58464a20a85730e2117eccca150bf0.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be2035ab5cd8eb913d70e2bb09d1c3a40f9fbe93a884da97ea473b0662924d36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce58464a20a85730e2117eccca150bf0.jpeg
age
5876718
edge-cache-tag
570227965084011161870547011466456528677,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
570227965084011161870547011466456528677,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
119
req-referer
https://www.sozcu.com.tr/
content-length
19930
x-request-id
abd1b36d12c879db58594752039e6a3d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000034-IAD, cache-iad-kiad7000049-IAD, cache-lax10674-LGB, cache-iad-kiad7000097-IAD, cache-ams21028-AMS
last-modified
Tue, 11 Oct 2022 22:37:17 GMT
server
nginx
x-timer
S1671960800.526702,VS0,VE0
etag
"65c8fd8bd75f5f5c13060a66d7036b0c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 46, 2
53e7fbb90517a7e450c5d5ee4cea11c5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53e7fbb90517a7e450c5d5ee4cea11c5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec7ddeb661434561e45b0c83f42bc5cb11ea4e9f72fd8ee906fd6044bad9f0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53e7fbb90517a7e450c5d5ee4cea11c5.jpg
age
1073745
edge-cache-tag
450468630811888763691325585219509090023,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
450468630811888763691325585219509090023,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
546
req-referer
https://m.belfasttelegraph.co.uk/
content-length
8876
x-request-id
bbc7be5b119f6c411aa426ef59d86a17
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kcgs7200086-IAD, cache-bur-kbur8200027-BUR, cache-iad-kjyo7100116-IAD, cache-ams21028-AMS
last-modified
Mon, 12 Dec 2022 17:02:54 GMT
server
nginx
x-timer
S1671960800.526694,VS0,VE0
etag
"59c8d5c8245c79816abe4c692971f498"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 2
e90a78861cddc944f326e8b14e22d129.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e90a78861cddc944f326e8b14e22d129.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f79f708b0410e96cf1369d93f72e8ee698bc9b8dc4f5cd45fe94212c0dd5ec1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e90a78861cddc944f326e8b14e22d129.jpg
age
2764036
edge-cache-tag
389036002246897603241802190447944376582,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
389036002246897603241802190447944376582,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
616
req-referer
https://www.corriere.it/economia/lavoro/22_novembre_22/reddito-cittadinanza-come-cambiano-requisiti-2023-sara-abolito-2024-5a486ac6-6a46-11ed-a550-30a162b39b6b.shtml
content-length
8008
x-request-id
e791bf66b612720aeec6d13e021b857e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000124-IAD, cache-iad-kcgs7200102-IAD, cache-chi-klot8100145-CHI, cache-iad-kiad7000069-IAD, cache-ams21028-AMS
last-modified
Tue, 22 Nov 2022 22:47:43 GMT
server
nginx
x-timer
S1671960800.528206,VS0,VE0
etag
"38c461bf24cf2bbcc6a2b99c9c84c801"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 6
0d61d591f7082ca99ef0825b35dd50d6.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d61d591f7082ca99ef0825b35dd50d6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
239433c0ce308323ba760276d64ea026d84c6c036fb2b734477798a7b2fe79b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d61d591f7082ca99ef0825b35dd50d6.jpg
age
7401487
edge-cache-tag
397095306480012244555828513413672693575,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
cache-tag
397095306480012244555828513413672693575,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
531
req-referer
https://www.kiro7.com/
content-length
22424
x-request-id
9b4a00fb146b2ad5b68f509a18e26baa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200024-IAD, cache-iad-kiad7000128-IAD, cache-bur-kbur8200028-BUR, cache-iad-kiad7000139-IAD, cache-ams21028-AMS
last-modified
Mon, 05 Sep 2022 12:56:07 GMT
server
nginx
x-timer
S1671960800.546894,VS0,VE0
etag
"1ab5aeaab8209917894102c6288ebd80"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5262, 955
6b90d3372bbca0ca98e8fc51c525d12f.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_643,y_382/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_643,y_382/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b90d3372bbca0ca98e8fc51c525d12f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c61b294df1382d1388a2f2f39137f69d035b4f46a9799f880d65300d91f4fd8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_643,y_382/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b90d3372bbca0ca98e8fc51c525d12f.jpg
age
2914709
edge-cache-tag
440450280754044789045123376759897040510,327077206491944527596155253279365245713,29ecf9b93bbf306179626feeda1fab70
cache-tag
440450280754044789045123376759897040510,327077206491944527596155253279365245713,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
190
expiration
expiry-date="Sun, 11 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.history.co.uk/
content-length
13828
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100116-IAD, cache-iad-kiad7000030-IAD, cache-lga21978-LGA, cache-iad-kjyo7100082-IAD, cache-ams21028-AMS
last-modified
Thu, 10 Nov 2022 16:23:30 GMT
server
nginx
x-timer
S1671960800.546993,VS0,VE0
etag
"b73e8ea4c0a2a46e8c69630a1b6c0353"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 63, 2
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Dec 2022 09:33:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
564631
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
49 B
250 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yi-wknx6UENvWmdrWDc1SFJXNFlWNUkwMHJGQlZYWTZWYlpDL0VXb0dZTzRrTjBQQitvTDVrREd4U1VuL2dEZ3YwQmREZE5vWHBuTVNwZmlyKzh0R3JkOElOc1dnQytMQnBJaTVla011cHlzeVZDc3dsUElNdlgzcmlYdX...
362 B
652 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=yi-wknx6UENvWmdrWDc1SFJXNFlWNUkwMHJGQlZYWTZWYlpDL0VXb0dZTzRrTjBQQitvTDVrREd4U1VuL2dEZ3YwQmREZE5vWHBuTVNwZmlyKzh0R3JkOElOc1dnQytMQnBJaTVla011cHlzeVZDc3dsUElNdlgzcmlYdXlwMTV2TStVWjdNQXhEY2FRL2t2dHZLUlNhOGNFcVNEVzZxQ0t3TVdzdm9TT0JwUi9LTk96dFJ2dVQ4VnQ1bFZJUVNtSFEwQjkyNitkTFd4R1VleTZST3ovOGZYaldwZ0tpYmpiSkc4YVlSRTNTNXR6bmxVdUVmWm1sLzJYaWNJeHprYmpZRHVXfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
baf252a7147ed40b0bb202925355e3c604b0ef1dca007a585a377dc4d3a06ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1074423
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=yi-wknx6UENvWmdrWDc1SFJXNFlWNUkwMHJGQlZYWTZWYlpDL0VXb0dZTzRrTjBQQitvTDVrREd4U1VuL2dEZ3YwQmREZE5vWHBuTVNwZmlyKzh0R3JkOElOc1dnQytMQnBJaTVla011cHlzeVZDc3dsUElNdlgzcmlYdXlwMTV2TStVWjdNQXhEY2FRL2t2dHZLUlNhOGNFcVNEVzZxQ0t3TVdzdm9TT0JwUi9LTk96dFJ2dVQ4VnQ1bFZJUVNtSFEwQjkyNitkTFd4R1VleTZST3ovOGZYaldwZ0tpYmpiSkc4YVlSRTNTNXR6bmxVdUVmWm1sLzJYaWNJeHprYmpZRHVXfA&cppv=2
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
327263
content-length
0
expires
0
prebid
id5-sync.com/api/config/
135 B
544 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

any
idx.liadm.com/idex/prebid/
50 B
427 B
XHR
General
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.226.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-226-104.compute-1.amazonaws.com
Software
/
Resource Hash
d7dc910be3880f445e192f799f97e219de678dc4140dfbd427e5db68098a6536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
2
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
trace-id
3f809f52a9cd6a53
content-length
50
expires
Mon, 26 Dec 2022 09:33:19 GMT
id
id.crwdcntrl.net/
43 B
316 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.3.122
access-control-allow-credentials
true
content-length
43
expires
0
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
166 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2374226278320020&correlator=784425245382189&eid=31071151%2C31068826&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=1989695365%2C2219577479%2C1543616976&didk=25296465~1469139158~3626077639&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_adomain%3Dseedtag.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D607d0bc4625371f%26hb_bidder%3Dsovrn%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D1400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=0&cookie_enabled=1&abxe=1&dt=1671960799671&lmt=1671960799&dlt=1671960797563&idt=885&adxs=325%2C436%2C975&adys=578%2C6179%2C578&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x6178%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=165437214.1671960798&ga_sid=1671960800&ga_hid=382491895&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d3d27a7a9c6c30b6b8be95890230b5a583269b7b9b443009064d5d43fa2ace3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19314
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a1682bfd86890534c91a2aea0f6e203ef8a7be23813e143a5fec7090be85e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11290
x-xss-protection
0
container.html
81e69b07a15762b6bb0daf646650e9c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B50B
6 KB
3 KB
Document
General
Full URL
https://81e69b07a15762b6bb0daf646650e9c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 09:33:19 GMT
expires
Mon, 25 Dec 2023 09:33:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=yi-wknx6UENvWmdrWDc1SFJXNFlWNUkwMHJGQlZYWTZWYlpDL0VXb0dZTzRrTjBQQitvTDVrREd4U1VuL2dEZ3YwQmREZE5vWHBuTVNwZmlyKzh0R3JkOElOc1dnQytMQnBJaTVla011cHlzeVZDc3dsUElNdlgzcmlYdXlwMTV2TStVWjdNQXhEY2FRL2t2dHZLUlNhOGNFcVNEVzZxQ0t3TVdzdm9TT0JwUi9LTk96dFJ2dVQ4VnQ1bFZJUVNtSFEwQjkyNitkTFd4R1VleTZST3ovOGZYaldwZ0tpYmpiSkc4YVlSRTNTNXR6bmxVdUVmWm1sLzJYaWNJeHprYmpZRHVXfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Dec 2022 09:33:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
492436
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/
33 B
402 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
871e0d359046655d3291a63f273062ce30f8b865c98459dd339adf7c0604fbb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
579.json
id5-sync.com/g/v2/
216 B
625 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
ceaa38b4f8166c5f933217685143c29669b5958c6a690ea03027d6baa415ef4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Sun, 25 Dec 2022 09:33:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 09:33:19 GMT
bulk
trc.taboola.com/ultrasurf-ultrasurf/log/3/
0
59 B
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=14
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
5
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:20 GMT
via
1.1 varnish
x-served-by
cache-ams21028-AMS
server
nginx
x-timer
S1671960800.017963,VS0,VE5
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/
0
299 B
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
3
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:20 GMT
via
1.1 varnish
x-served-by
cache-ams21028-AMS
server
nginx
x-timer
S1671960800.018069,VS0,VE3
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
1 KB
Image
General
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
HTTP/1.1
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date
Sun, 25 Dec 2022 09:33:20 GMT
Via
1.1 varnish
x-amz-request-id
Q091GAV733PB0YDC
Age
8396
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
XkmO8IRSeRs1MGG5jJG+UB+4lqTKeAdb/aq2mGJE4pZCiSX+xxXNBTR5NlYl7Oa5fGqO1rsVSfg=
X-Served-By
cache-ams21053-AMS
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1671960800.033353,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type
image/png
abp
49
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
227
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6814
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
86935
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 09:24:25 GMT
expires
Sun, 24 Dec 2023 09:24:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1E45
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a524ec9504d0a07dfae5f3a0f5e89b2be633348ccf0efd6fabb1d0e1513ecd0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-68ONPJxEgRXPGEYVNmVc7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-68ONPJxEgRXPGEYVNmVc7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 09:33:20 GMT
expires
Sun, 25 Dec 2022 09:33:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E45
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2374226278320020&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 6814
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 10:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 10:16:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame C2F1
221 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C2F1
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C2F1
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C2F1
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C2F1
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
css
fonts.googleapis.com/ Frame C2F1
6 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Dec 2022 09:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 08:06:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Dec 2022 09:33:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2F1
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:39:53 GMT
x-content-type-options
nosniff
server
cafe
age
86007
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 25 Dec 2022 09:39:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2F1
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:35:33 GMT
x-content-type-options
nosniff
server
cafe
age
46667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Dec 2022 20:35:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C2F1
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClkcA3xioY9z8LMKJgAfynJmYAYnTl4hu7oGzmOQQ1YeQj5EOEAEghveGJmC7BqAB_5ek5ijIAQngAgCoAwHIAwqqBJsCT9B1N9-TWn11yMUmZInITYYSYAxf6WIJfuvYZzepOAAg3vhIuB4ZFWZIWVfHeEk0luVr-D2wQmSvc0XfWg9T6Z0MGLr3Lf-WKr3vIg1MuRWx1yqHQ8RLj7taXbgdJOomxNmhQrAN0pPxI7BGRFOdPPulqoIZ2tCywtqbUrYMjjir7GfgXolu2A3C_YedxiG-m_O1M8IsnRV2cdfyKV2Om1oYEds5FOYCIT36ZQ7BTob1BIZmsaNciDJlX5gxGkrF27jJGDbmMIMaB9PkfipzZgxHxkexU2mDHHdQG7dUy1YdpjD-qHNB87mP4pBP_EeLYu9cVbZIAHw6Wk6o37nPhNTtpPOcmEcRNZ6QJEdFSjM0HlQqoknJtA5y7sAErf6p74UE4AQBkgUECAQYAZIFBAgFGASgBi6AB__P9MUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ8C7SCBIIiOGAEBABGB0yA6qCAToCgECACgPICwG4E-QD2BMMiBQC0BUBgBcBshceChwIABIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=2JcjU-F79eI&uach_m=[UACH]&cid=CAQSPwDq26N9ucgB8kXTAZADEjSULC7ofT4efuzO31JKjrSU0hVV-do5yXQ2FKdxR59kwpQYjghx6FOlZjc51rqoHBgBIBM&template_id=484
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame DA6C
221 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA6C
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA6C
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA6C
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA6C
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
css
fonts.googleapis.com/ Frame DA6C
4 KB
694 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Dec 2022 09:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:05:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Dec 2022 09:33:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA6C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:39:53 GMT
x-content-type-options
nosniff
server
cafe
age
86007
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 25 Dec 2022 09:39:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA6C
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:35:33 GMT
x-content-type-options
nosniff
server
cafe
age
46667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Dec 2022 20:35:33 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame E876
221 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E876
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E876
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E876
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E876
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
374088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
css
fonts.googleapis.com/ Frame E876
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Dec 2022 09:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 09:13:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Dec 2022 09:33:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E876
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:39:53 GMT
x-content-type-options
nosniff
server
cafe
age
86007
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 25 Dec 2022 09:39:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E876
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:35:33 GMT
x-content-type-options
nosniff
server
cafe
age
46667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Dec 2022 20:35:33 GMT
l
www.google.com/ads/measurement/ Frame DA6C
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaTmlwnlwu2omon4y7OKddimIR4M4galHT9yZgufRE6DGOMRJ9ifvUOuh3vkDDe1yEQtGMSY1NKl2iSqbdGk7q7Y8Dn0-Q
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame DA6C
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5rQA3xioY938LMKJgAfynJmYAczcsoduhajzisYQ1YeQj5EOEAEghveGJmC7BqAB_5ek5ijIAQngAgCoAwHIAwqqBJ8CT9APVAMBrKYo89gria4B3nCftO-LyLFxUtoMzRpPYve-YB4rug9SbkZuk6SFIVsDhzm_K_D15mqfaxVksSxElOFrotHtFbKf4ix-38oXTg3X6d__dsWTOuF6f591LLDFZvjm7ae4MVvqb2o36rVysSNHt_QxlfE2X2bb9cpyGFDpYze1WYv9Xj2vu-Tj_MXpBwDbzpXHMTX-LXnEPvZf1KfV9LFrj_JKb8edHXCEAvi-YKVAvYUAfpjR0NkY_bLuCgOqW8F6DIlkeKYVL9SdYmvI1gE66SH13KZY8kKWDExIZ0kmVYOmT0OpLRHCB-feP58yo4KGTPZf3O_-Icc_6vrjDVgu4Ayqi9s6fQK0WZO978BAuShQxUqnzguP1QrABOrytomYBOAEAZIFBAgEGAGSBQQIBRgEoAYugAf_z_TFA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPDKB9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAbgT5APYEwyIFATQFQGAFwGyFx4KHAgAEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=l23evUsoY1c&uach_m=[UACH]&cid=CAQSPwDq26N9ucgB8kXTAZADEjSULC7ofT4efuzO31JKjrSU0hVV-do5yXQ2FKdxR59kwpQYjghx6FOlZjc51rqoHBgBIBM&template_id=484
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame E876
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3hK93xioY978LMKJgAfynJmYAczcsoduhajzisYQ1YeQj5EOEAEghveGJmC7BqAB_5ek5ijIAQngAgCoAwHIAwqqBJ4CT9DIzugZs2zjbQxiArg1DZ2PU7E5Ropum2XUqO962GmqKRnu__6nYUvFjrVgTj9JteL6Id5SMVb9WridfQcoJOBevtykWNnPQKZTvYm0E_fgU-RycfrjyctnD0D-Q7HLacTIp7gLEZ21IWC583ZOADNFOgeuFxsr-12O4u9_eu4yUqFc5PsS1XneIVBfuSCs3w4-IhDZ2TcJpZ_IMlHlBlwdDvstsp8WXmLnGjW-8iLqse7Ri-gcyTcmvyD4k4WmrVmEOHu6so9Zm0c24F6VBOqzl1kWHkhW6Nf1aI5tyI5f8E7TR3qK_xmQA51WHHDt6spRk4Eh7IioMoiy3gQ6WZ5FnVs1spdUeLOZXVFrSSMPzDqyzoJOZGoWbWmsgsAE6vK2iZgE4AQBkgUECAQYAZIFBAgFGASgBi6AB__P9MUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4-sD0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsBuBPkA9gTDIgUBNAVAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=B2w4Tfk7ePo&uach_m=[UACH]&cid=CAQSPwDq26N9ucgB8kXTAZADEjSULC7ofT4efuzO31JKjrSU0hVV-do5yXQ2FKdxR59kwpQYjghx6FOlZjc51rqoHBgBIBM&template_id=484
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

2076313506083323656
tpc.googlesyndication.com/simgad/16755373053258849398/ Frame C2F1
19 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16755373053258849398/2076313506083323656
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6a64ee9095449a2bdc60919eb18f16c357474926bcd0d38c3b2e1def3e51761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 05:41:55 GMT
x-content-type-options
nosniff
age
445885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19953
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 18:52:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Dec 2023 05:41:55 GMT
3081865409853028496
tpc.googlesyndication.com/simgad/ Frame C2F1
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3081865409853028496?w=100&h=100
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4864845dfa501e1c7f43a24a8fd85dd5f68d54cec4caac8c0a82c4071c0a3eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:03:34 GMT
x-content-type-options
nosniff
age
394186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3149
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 15:07:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Dec 2023 20:03:34 GMT
truncated
/ Frame C2F1
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C2F1
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57acbbdaf25e5e6e57cf984146e9154cb586521aed4c12a17fef5a1cba45f226

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
6592766407814317453
tpc.googlesyndication.com/simgad/16755373053258849398/ Frame DA6C
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16755373053258849398/6592766407814317453
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499b8aef1e67b32126c562b9b4cd981589bb72b1df32d18042c368a90776a299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:24:44 GMT
x-content-type-options
nosniff
age
162516
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18249
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 18:52:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 12:24:44 GMT
3081865409853028496
tpc.googlesyndication.com/simgad/ Frame DA6C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3081865409853028496?w=100&h=100
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4864845dfa501e1c7f43a24a8fd85dd5f68d54cec4caac8c0a82c4071c0a3eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:03:34 GMT
x-content-type-options
nosniff
age
394186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3149
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 15:07:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Dec 2023 20:03:34 GMT
truncated
/ Frame DA6C
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f0d3ae9c986e9bc7ef7c37168cf49fd889cde7cc7222a2ee16718c2c9380de0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
2076313506083323656
tpc.googlesyndication.com/simgad/9003232464024332512/ Frame E876
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9003232464024332512/2076313506083323656
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329f4c9fcfc23334dcce8342b5f864b78ab7fdf3bd6a2f7af0095ba93794574a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 06:50:32 GMT
x-content-type-options
nosniff
age
528168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14067
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 19:02:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 06:50:32 GMT
3081865409853028496
tpc.googlesyndication.com/simgad/ Frame E876
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3081865409853028496?w=100&h=100
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4864845dfa501e1c7f43a24a8fd85dd5f68d54cec4caac8c0a82c4071c0a3eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:03:34 GMT
x-content-type-options
nosniff
age
394186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3149
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 15:07:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Dec 2023 20:03:34 GMT
truncated
/ Frame E876
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E876
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc22d8a3480d4feeee6649d9fc8056b21ba66c1fbdb09e7e3a1c63933dbea6a4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2F1
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
492508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2F1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:40:44 GMT
x-content-type-options
nosniff
age
132756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:40:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DA6C
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
492508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DA6C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
222665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E876
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
492508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E876
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:40:44 GMT
x-content-type-options
nosniff
age
132756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:40:44 GMT
generate_204
tpc.googlesyndication.com/ Frame 6814
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?n8XUPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:33:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/
0
59 B
XHR
General
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
2
pragma
no-cache
date
Sun, 25 Dec 2022 09:33:20 GMT
via
1.1 varnish
x-served-by
cache-ams21028-AMS
server
nginx
x-timer
S1671960801.718332,VS0,VE2
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Dec 2022 09:33:20 GMT
x-amz-request-id
QGKR13PZZQJQBXVH
age
2073
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
1qtQVxWi/DHISGBHIO99deg4ePVGlY/71vCcXWbIc/jfDAWUGJ4XlnjrYRO633VuuJhSs6lOt9I=
x-served-by
cache-ams21028-AMS
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1671960801.879652,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
49
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1750
/
pips.taboola.com/
64 B
240 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
55205353da9b0b65e6dbded53b79e882b563a21dd747d3156789d961a59517ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-ams21045-AMS
date
Sun, 25 Dec 2022 09:33:20 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2374226278320020&bg=!2tml2Z3NAAYgquz3AKo7ACkAdvg8Wpa8h2X2es__vWDjOOnPspD4lPPVJdRJbcx9sQrc4QqhSlyC9AIAAAB3UgAAAAJoAQeZAuRpNw5niEn-WSqnJgOzDzvDnz_JAd97B9IL2vjrh7zmEX7iXceZETaR-BM4wxJ0VZkzXABm7FMINmx5sMjUlY_REoFXCsNqwnXoKHY37VTyfiS3sCerCgtRJ6xg5n9xYyzv5llwAJ1x40sU_X-OMMRdDjkbN1TEPVB8nxDXhaFPetT-Wxc0-ClRDvFNYRU_G6g4HilKrbTi3lBfiWyzRgM4w2y8WJ0AY1nATE5WVOUMzRPdSlJNqPbt9OmT5cFDC8wzayHeFsdb2wf088XxOARdxKrBkqy3SD7-2z3JIPhiTJxP94lAi5mFNUM-aCfxkKX8DZNMdsy19vUHljli7cqnB4z7jhVkpxCIyIsZw5WmdARvJPG7AdakTL7JA8DVYZZUreuG8gH5yY3YfXw9BPSaZziNU84a6vY-SEcSIr9SINSJ2w-LfUpIsGdpNh0yQVIpYpa8JlXy32je8KXJ2SGY2kCd495AGSmPBuWok9isUQZNU4-5zTVGi3Ghf0LY_OW8WewIQtt9pr4YfcgUa8bslNLaDlsbHvq6_wX6AsUaDlZH3Tlw5Ifc7A24AQ5UmbW9gF9eLaBDQa55xMwru5AP97FOL_Qk_Uc_4LiIzLZ4Goi-wPyX50vQ18TSSiOiPmleItygKDP3obEtEbReRrkty0OLBGsu_Pz16Ym-ONzKlSsAFSYdLMuQAm4N3ujjw6bKP07YsZc9-zWEwIHbTIHG6Al3OcG2QrYs9i2cqw61qsKaXZjbDP3SLh12O4TCmDB9DHuQTdcmiIxcvMl6OHQuxzkA2pWEoCir0MHjt1hjolOZ3_VePZkDBbEnUKLeV-4LhMeajqCuDKhalX-S1mhb7ZwvHGAtDtIxgiUUYkiGxx3yyLfs9411L5_PW7BjU5trYIp7iAxMzkdoUh0jJ1UQG4A-1ogUG1Nwgdclaww5Z04QNQJYmqXnY8h-X-Cwma2auzEQQ8az7pqYPnVx2WZMi2zZPg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e&uad=b87d21bc9bf17bdf2ddad15f1ebd4da5fa99f9bcc4effc16a2e952a24fd5097e
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 09:33:21 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame C2F1
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZORfpLi3_9eIvI8_lS6ReMsne8oUEFiFHTJDsMebDExcKfMq9FV2_n0Ki7WWHearyj_yS5MobunRUYglmrqSC30U85wRQm3FgeVcJscwhBrRtc-0lgilJLMI5Sdhsqe4Qv27jp7s&sai=AMfl-YSx8pjF-vJE6MJDnFI0DtAMQc35baB3LvBh_NqUGSN4NfqBPjb-anlcteHtIL1ncfY-cY7GTUQ9dCPKM2J-1Fyj-ekqZynMCJGykOBorH_dGkZgL0qBYKKYuQDWmHaA1_Y&sig=Cg0ArKJSzPS1BXvjiPRvEAE&cid=CAQSPwDq26N9ucgB8kXTAZADEjSULC7ofT4efuzO31JKjrSU0hVV-do5yXQ2FKdxR59kwpQYjghx6FOlZjc51rqoHBgBIBM&id=ampim&o=325,578&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=502&tls=1502&g=100&h=100&tt=1502&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DA6C
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKKpnJqpRb0bDKfPqboN9Rl4dMSdZ8Yzpj95swQVDieTXbxH8GqUNYsGLlfWQOl6GdhxJ7SsFEB31RUX0meZ5EXtDYeUjvQUc2sfXlFamjfp7WyePN9fF54i8XjcACfckNXvPWS7Q&sai=AMfl-YRrNTC7GykMuCiCPuCPl8rryU9EXre9UAJ6bK9L8KwhIWYOYklGLOkQ_6wRuGjydOY1nMRyjtXkQ43p_zowlk2b8h1AgwslIId_pL5Ewx5LDvplHWtHXNdamHCfq7Z0pAw&sig=Cg0ArKJSzD9JLnyC83_qEAE&cid=CAQSPwDq26N9ucgB8kXTAZADEjSULC7ofT4efuzO31JKjrSU0hVV-do5yXQ2FKdxR59kwpQYjghx6FOlZjc51rqoHBgBIBM&id=ampim&o=40,1076&d=1520,124&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=486&tls=1489&g=100&h=100&tt=1489&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E876
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiABPtzFP29c6LtrGwafZ0js_Z7ynucP-DOUeq6FG_RAmHjJJxybB29ASk9vwT_4AB6Nhi0jrVPcksxIb413o2KhD5uCsL1TCZgaYM1lM8Vqn6lObtexm0XSRJ1SEMx6tewx4Cnwo&sai=AMfl-YTBytI_q8ZVxafvis6ZhLgdNGbEpotHZe_922kQ5iICZLxF8qUWDdL7_VzISf90uQ8QNP3N5QnJyEFmmX4jfYS4gBn81Si5AOIzmzF2FkUyQnDy39SOW7oFMNGsSGdlQMA&sig=Cg0ArKJSzMqw_3ITKvQ0EAE&cid=CAQSPwDq26N9ucgB8kXTAZADEjSULC7ofT4efuzO31JKjrSU0hVV-do5yXQ2FKdxR59kwpQYjghx6FOlZjc51rqoHBgBIBM&id=ampim&o=975,578&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=478&tls=1483&g=100&h=100&tt=1483&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 09:33:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
servt.vidcrunch.com/ Frame DCA5
0
93 B
Ping
General
Full URL
https://servt.vidcrunch.com/track?d=Chrome&cou=NL&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=25385&t=1671960799&cip=37.48.94.41&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&test=&d64=aea110128db5aff75ce920fcea92522c&d63=aea110128db5aff75ce920fcea92522c&aafaid=&proto=http&uid=449e716454a4a45044e1a076a445395b&cha=0.7&stagid=&stplid=&d35=&d36=6.2.68&cb=20926247363&d39=&d65=&d66=8.2.6&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.46.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-46-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 25 Dec 2022 09:33:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.vidcrunch.com
URL
https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/d6932a57bc3c672a0b73ae0d14418d3e.mp4?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

409 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontentvisibilityautostatechange object| __cfQR function| gtag object| dataLayer object| _taboola string| bs_id_1716 boolean| __cfRLUnblockHandlers object| TRC object| _tblConsole undefined| msg object| _comscore object| __gcse object| aawChunk object| aaw object| _pbjsGlobals object| googletag object| teads_analytics object| apstag function| docReady object| mnet object| liQ function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| COMSCORE function| udm_ object| ns_p object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId boolean| apstagLOADED object| _gcio function| s_hsp function| pb_sdp number| mt_gdpr_on object| mt_gdpr_content boolean| pb_4 string| pb_9 number| mt_ext_stat number| mt_ext_stat_send boolean| mt_bid_cache boolean| mt_cmp_on number| mt_cmp_opt_lvl boolean| pb_l_result_found number| pb_8 number| pb_gv object| mt_temp_params number| mt_global_build_time object| mt_special_params object| mt_stopped_tags object| mt_google_slot_statuses object| pb_cl function| mt_get_container number| mt_start_loading_time function| pb_lg_proc_style function| pb_lg function| pb_lg_m function| pb_lg_group function| pb_lg_cond function| mt_add_temp_param function| pb_th function| mt_test_passback function| pb_ib function| mt_search_divs function| mt_search_div function| pb_f function| pb_f_sub function| pb_i function| mt_gtt function| mt_get_tag_by_id function| mt_get_tag_by_block function| mt_get_el_desc function| pb_l function| pb_sc function| pb_cp function| mt_get_geo function| mt_check_image function| intFromBytes function| bin2String function| pb_cb function| check_double_time_diap function| check_time_diap function| pb_rds function| pb_rdn function| pb_rde function| pb_ggr function| pb_ci function| pb_cg function| pb_cc function| slsc function| clsc function| glsc function| pb_glv function| pb_clo function| mt_check_block_mask_id function| mt_check_block_pattern function| mt_check_mask_pattern function| mt_undnone_elements function| pb_pi function| pb_v function| pb_xr function| mt_set_tag_leveling function| mt_get_day_of_week function| mt_set_script_tags function| mt_put_wrapper function| mt_custom_replace function| mt_check_have_childs function| mt_use_teplate function| und function| mt_rp function| clear_id function| mt_check_ip function| lrm function| lgf function| chr function| mt_filter_script_repeat function| mt_filter_custom_triggers function| mt_filter_stop function| mt_filter_sizes function| mt_get_all_sizes function| mt_filter_iterations function| mt_filter_cmp function| mt_mlt_filter_template function| mt_mlt_filter_auto_placement function| mt_mlt_filter_multi_blocks function| pb_fsbl function| mt_bl_ex function| mt_ch_mltb number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| pb_h function| pb_rn function| mt_native_try_tag boolean| mt_window_focus_state function| pb_srl function| pb_a function| pb_pt function| mt_dt function| pb_s function| pb_spt function| mt_execute_passback function| pb_p function| disp function| pb_e number| mt_google_collector_activate_attempt function| mt_init_google_history function| s_g1 function| mt_receive_google_event function| mt_process_google_event function| s_g2 function| mt_check_google_ready function| mt_get_google_slot_by_id function| mt_clear_google_id function| mt_get_google_iframe_ad function| pb_st function| pb_ss function| pb_se object| cmp_list function| mt_get_cookie function| mt_register_cmp_events function| check_cmp_timer boolean| mt_cmp_refresh_activated function| check_tcf_api function| mt_refresh_tags_cmp number| variable_1 object| didomiEventListeners object| mt_custom_triggers object| mt_custom_triggers_to_tags object| mt_custom_triggers_functions function| pb_pttg function| mt_process_triggers_array function| mt_process_triggers function| mt_process_trigger function| mt_process_filter function| mt_get_var_sub function| mt_check_google_ad_targeting function| mt_client_stat_add function| mt_add_client_stat function| mt_clear_client_stat function| mt_send_client_stat function| mt_client_stat_show function| mt_add_google_event_stat_click object| mt_client_click_iframe_stat_object function| mt_client_add_click_event function| mt_client_analyze function| mt_tag_have_deamon_leveling function| mt_client_deamon_leveling boolean| mt_blur_event_added function| mt_hbstat_process function| pb_so function| mt_add_dnone_stat function| mt_send_googletag_stat function| get_recursive_object function| mt_check_double_impression function| mt_send_double_impression_stat function| mt_start_double_impression_timer function| mt_check_adblock_exists function| mt_add_google_send_stat_temp function| mt_add_google_send_stat function| mt_send_google_statistick function| mt_stat_get_connection_type function| mt_stat_get_os_type function| mt_stat_get_device_type function| mt_stat_get_browser_type function| pb_m function| pb_d function| mt_add_special_params function| mt_remove_special_param function| mt_clear_special_params function| mt_show_special_params function| mt_toggle_special_param function| mt_clean_override function| mt_clean_all_overrides object| mt_outdata object| mt_words_dict function| mt_try_words_dict object| tag_templates function| mt_statistick_tick function| mt_add_ticker_statistick function| mt_send_ticker_statistick function| mt_set_timing function| mt_have_timing function| mt_round_timing boolean| p object| pb_t number| pb_5 object| aniplayerPos object| ggeac object| google_js_reporting_queue number| googleNDT_ number| googleAltLoader object| lotame_sync_16576 function| ha object| gaplugins object| gaGlobal object| gaData function| GCIO boolean| pb_6 boolean| mt_refresh_looker_start object| PublisherCommonId function| lotameIsCompatible function| sync16576_ba function| sync16576_b undefined| sync16576_c undefined| sync16576_ca undefined| sync16576_d function| sync16576_e object| sync16576_g function| sync16576_da function| sync16576_ea object| sync16576_ object| sync16576_ha object| sync16576_o object| sync16576_ta object| sync16576_K function| sync16576_aa function| sync16576_a function| sync16576_f function| sync16576_h function| sync16576_i function| sync16576_j function| sync16576_k function| sync16576_ga function| sync16576_fa function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_p function| sync16576_ia function| sync16576_ja function| sync16576_r function| sync16576_ka function| sync16576_s function| sync16576_t function| sync16576_q function| sync16576_u function| sync16576_la function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_C function| sync16576_ma function| sync16576_G function| sync16576_H function| sync16576_na function| sync16576_oa function| sync16576_I function| sync16576_J function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_L function| sync16576_M function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Z function| sync16576_X function| sync16576__ function| sync16576_Y function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_3 function| sync16576_8 function| sync16576_ua function| sync16576_4 function| sync16576_6 function| sync16576_va function| sync16576_wa function| sync16576_9 function| sync16576_7 function| sync16576_5 function| sync16576_xa function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_$ function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea object| hadron boolean| __halo_loaded__ function| setImmediate function| clearImmediate object| ID5 undefined| google_measure_js_timing object| mt_google_history boolean| mt_google_collector_activated object| webpackChunk_aniview_player object| avContentPlayer string| nam object| placementData object| au object| cmTag object| _cm_wfCounters object| storageAni number| google_global_correlator object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| mt_google_stack object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests number| pb_0 number| mt_time_old number| mt_time_new

21 Cookies

Domain/Path Name / Value
ultrasurfing.com/ Name: _uc_referrer
Value: direct
ultrasurfing.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.scorecardresearch.com/ Name: UID
Value: 176555d4ec72a430e4847621671960798
.ultrasurfing.com/ Name: _ga
Value: GA1.2.165437214.1671960798
.ultrasurfing.com/ Name: _gid
Value: GA1.2.1682759169.1671960798
.ultrasurfing.com/ Name: _gat_gtag_UA_105623949_1
Value: 1
.rubiconproject.com/ Name: khaos
Value: LC36AGKT-1T-JYX7
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq4JzAwMSErqOXUadRsMXL7tE4q61KpmVnEX6pakvgue/2SASAslxPrTI8Z7nfGi1ikOYjAkmURkSYbB5SW5XQ3B4Djz+PKaDGma+WVcS1g3g==
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEw3rGgnQY4AUABSAEQ3rGgnQYYAA..
.adnxs.com/ Name: uuid2
Value: 6777071550122570296
ultrasurfing.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9c0d9176-c8c5-40d0-86aa-fdf3dedb6f71-tuctaa19e5e
.spotxchange.com/ Name: audience
Value: 2acd1e0a-8437-11ed-9a53-1626150c0406
ultrasurfing.com/ Name: _lr_retry_request
Value: true
ultrasurfing.com/ Name: _lr_env_src_ats
Value: false
.ultrasurfing.com/ Name: cto_bundle
Value: ZlfsMl9TTFlLVzVERzYlMkZsWmRGV092eFR4a1NjYjRJWG9GT01vZ3BuUXVjb3pKanI2M0dXNExGWklmUjg4UUFpWWs1eUp5Q2RRc1lCZ2NtY2ZRJTJGbk1IR3Y0dzZkMkhWVFhhOHJrajE5cHBhJTJCa1hwMzBwcEM5SmY2NkR1JTJCVEt6bEVuc3MlMkY
.ultrasurfing.com/ Name: cto_bidid
Value: 6BVLo19tTUg5Vk1hSUtuMHZkdDhreUdjSGFjbGJIUWVMc3BkZ24lMkJ3cFhBODJ4NG9TNkp6a3RBTFY4RHBndHlidTVoNmNVNHhIOVFUb3o3NXRtJTJCNWtBY0hNTVElM0QlM0Q
.liadm.com/ Name: lidid
Value: 9022c762-5e52-4b70-aec0-bd96613f004f
ultrasurfing.com/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%226eit_IyUp15EBtOimmHA2tLfZ8HSsftWsmFIBw%22%7D
.ultrasurfing.com/ Name: __gads
Value: ID=c2cb6cbe94974cb6-22d731fd62da00f3:T=1671960799:S=ALNI_MazsDLMpmK9uMNtiAGTsd15wXscsQ
.ultrasurfing.com/ Name: __gpi
Value: UID=00000b981bb0687c:T=1671960799:RT=1671960799:S=ALNI_MbDi0J4DppN0sqsTIBU-yYTRmuzNw
.doubleclick.net/ Name: IDE
Value: AHWqTUnLibVlihpre7X-q0imBUNQoQgEAR_kuxZ_gbJUAugBSQ8hh8nSJvdGXRKk8jM

5 Console Messages

Source Level URL
Text
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

81e69b07a15762b6bb0daf646650e9c0.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
ads.yieldmo.com
adservice.google.com
adservice.google.nl
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
brightcombid.marphezis.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidcrunch.com
cds.taboola.com
clients1.google.com
cloudflare.com
cse.google.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
grid.bidswitch.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
increaserev.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pips.taboola.com
player.aniview.com
player.avplayer.com
prebid.a-mo.net
prebid.media.net
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serv.vidcrunch.com
servt.vidcrunch.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
tag.1rx.io
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
track1.avplayer.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleapis.com
www.googletagmanager.com
api.rlcdn.com
cdn.vidcrunch.com
108.138.4.10
13.32.106.197
13.32.121.72
141.226.228.48
141.226.230.50
141.95.98.64
147.75.85.234
151.101.1.44
151.101.129.44
151.101.193.44
151.101.65.44
162.19.138.82
178.250.0.157
18.157.162.215
18.66.122.36
18.66.97.8
184.30.21.51
185.89.210.90
185.94.180.125
192.241.157.60
2.19.44.144
2001:41d0:701:1000::96f
213.19.147.42
216.52.2.19
23.218.209.56
2600:1901:0:8344::
2600:1f18:612b:4264:6839:a1d8:f51b:a60b
2602:803:c003:200::51
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:20::681a:7e
2606:4700:20::ac43:49e4
2606:4700::6810:85e5
2a00:1450:4001:802::200e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9a
2a00:1450:400d:804::200a
2a00:1450:400d:805::2003
2a00:1450:400d:807::2001
2a00:1450:400d:807::200e
2a00:1450:400d:808::2008
2a00:1450:400d:808::200a
2a00:1450:400d:80c::2001
2a02:2638:1::13
2a02:26f0:f700:2b6::2c79
2a02:26f0:f700:4::212:4f15
2a04:4e42:600::485
2a04:4e42::300
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.234.22.15
3.67.152.39
34.107.148.139
34.198.143.91
34.233.111.211
34.249.65.187
35.71.131.137
51.89.9.254
52.24.69.139
52.28.203.152
52.72.235.91
54.158.226.104
54.234.46.36
54.73.211.146
8.241.45.122
010013e3cda0ac7136cf3a6e98af9b89e194b75d9a22128e841fcf27dcabcf1e
03f8018a775536dc007514e6449b220ccaf1cf4da04175c827b42ab09d00ba7e
0414f5c00da29a106c1f089f4db4597cc13077d2844bd927635332724125b1dc
05206ff71f7393516a2e381ad17f1f185ebe3af8d8e8877c4e719b6f5a5e5558
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
08b886a3a1524aac5442ce7e4d4fc63a8456576f821a63733671dab63a29fed9
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
130687fd3fe43fe2232ffad04bde626856ec531dbebcc02a8abef3a69646a0e9
131ca26a22406402ec0b8046325e613a3f676656f2e8c084acf47593b0e3c491
1335f0ec7e6455797128454dfd4425a5d8b2a6d635113262e1760c574a22bf58
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1802cb084d215bca8bd79b67cfa918356fae39b53928110692bf9d8ef4f14663
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e7026ead91b7e20a029ea2277b77776db07632aa458a1fad3c061c6c3878966
1f79f708b0410e96cf1369d93f72e8ee698bc9b8dc4f5cd45fe94212c0dd5ec1
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22f04b0177cbb9f714773bda5d775e3d75bb4b8d9f339b5d7ef99e492f8cebd8
234ff655a53dd4133ed246599b95785d658451cb63668c13ef8e33b6051788b0
239433c0ce308323ba760276d64ea026d84c6c036fb2b734477798a7b2fe79b4
297f9ba17399952c1c714755f4e3a2b00b4ca7a911cf24533c26a3039b323700
2a2046e6ec00dd17f74f7389a4a08cde9b440c314badb267b3aa2b5c47f39ece
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2d736bc55b62afd124d442bfb955da229dd09c26701da60a13bdb159d1d70502
3263c85164d54df17eefdb7ded09df37b24e196bd3a7101a9d83383392a88829
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
329f4c9fcfc23334dcce8342b5f864b78ab7fdf3bd6a2f7af0095ba93794574a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3715c561b4f9a2d7abf673cceace1c2dcc40ade4d0203e430944f87cc737f4ad
383a436f40226fa571b607ac743a7e8f7f9ab3f00a11ef5839506bb63714e625
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39ca6fdb79fb82bf2f5cfbab974c96e623d407abd51c32dfbc44e2cc2a220578
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3ab9007f62011309c435bb40f8a755f9a8af090333705eefc3583a366f5baf5c
3c769ef4341290e0897a12360ed7d5f0c5249e247f3739dd7db9b468d01c5101
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f0d3ae9c986e9bc7ef7c37168cf49fd889cde7cc7222a2ee16718c2c9380de0
3fb5a43b96b4a70892eb327e29120fbaecba1265ad20f9f3817840ab3ae13e51
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
447cb2bffafd6564b1b46aac639c114c6b98eda0b6e6fe8644703744b47f037d
4565a34b0fba23d7b5b6a6471db6b633624f13f40723acda33cc310d1f4e3515
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
4864845dfa501e1c7f43a24a8fd85dd5f68d54cec4caac8c0a82c4071c0a3eab
491ba77d589e51b87284bca75f92ba6828f4dd011736750d06a4739d9e0ea66f
499b8aef1e67b32126c562b9b4cd981589bb72b1df32d18042c368a90776a299
4a524ec9504d0a07dfae5f3a0f5e89b2be633348ccf0efd6fabb1d0e1513ecd0
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
4bad2ad9152d0075fdc6390891f46df78da9e4d681d557f80554190fb3b119ca
4ef140d9f344d91e0612c015b960f82f265e1f386e9669a9314362c33ae1296d
4f531669242cf6df91b8b386ce41e288b3a108858e69f5142c54ab6687bd0653
55205353da9b0b65e6dbded53b79e882b563a21dd747d3156789d961a59517ff
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57acbbdaf25e5e6e57cf984146e9154cb586521aed4c12a17fef5a1cba45f226
58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420
5a03bc6f8a4016dbc7a0ae2347008521083839f5076118ac7789fc3cd9071458
5d3d27a7a9c6c30b6b8be95890230b5a583269b7b9b443009064d5d43fa2ace3
5d4a3eac156e88cbc3c208525578a066c971b709c61c9aeba6b35af0ba4bd8aa
5fc78f995d9031c814a4f8c5c97548927e87d8c24ae1e18157e1ad8dcf29ee07
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
615246ae9b630df80309b5c4b7df65bf1b94c8e1522886699a72ee341e001a48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6faf5ab54bc8712102ae305c9d5c61d02a75acc6b9af052231cadb82ace9524e
70c8929787e5f60c5793609864951c99e6a287f62b90eabfb6d63aafb022b1f0
7264e26700ada552a121d4e0239742315c84baa4eb000534e938e48eafe7a505
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79a23502cb612df1b56a2b503e36646e190bc35539f4c75b9a01ee080cee7fe9
7b96a7a71c27a646cbda3e1bd4aa5129d65c00175ff8aa277e454b5245af81b1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
84124563c358f6ef7c846b1c83cda17bea3bb9a3bfcb4a3ffb385429049d1812
871e0d359046655d3291a63f273062ce30f8b865c98459dd339adf7c0604fbb9
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
8821eb97d46a661a62b6ab6aca701122b49705dd683d3e5c1c9b316726f8659d
8d4760a6aa7f6fdba7e29114a884ea592eb532db4e41b6dbbca912c464f45586
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec7ddeb661434561e45b0c83f42bc5cb11ea4e9f72fd8ee906fd6044bad9f0b
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8eea54f2bbbc0c043777c4d7738b962b674799f5aaf4e02bcc695f24b99d38c8
909c41989706f9851fd91ace23784f43a5bd70aa9c825dc521225765b98ac582
92355eeb6bf78e36d2fc918e092fea0b02132c087cbbd0d3dfa57c04ab87bee3
92b7b83b25369877730843d83bf89a95e1cdb32f83cdff1cca9a61f5760ed793
94b05a343f3630fa512da75aeded34f503f8155e5f1d623dc5ff190c6cbcadd5
962e14591b1134c488280aa7935148272b1c8efbd0fc00c31146138b4b42d226
973a1d54e9779b69bee79ba7b52e20c3b14d9619b76f40ad1810556a9f78fbb6
9847e45f88f9af23d7bf0d6fb97f162115b550dc98ac3e2aca7f59a00e922141
984f92a992f6c33a96a6dd7d6bed449a9bfeadc7fe208ed93957389b2eecfc4b
9b43c8439864ae8b54b6b6e1bc7ef3edda1e48309bf96e6757b369068ec1e730
9e3d48c25a5e12be89f29223d02520e6187cf2416ee441333b61d71ad4efe3fc
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a04b584cdf2d5adb89b8fceb0b34c55042c7d3e558aec895162b8726d0121e2e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11a5ca2354df95cc586653353f4610f3b56bde28d680998de8afb57e53aefe7
a16d627fccd0fadd4f02db9de6a07c4e7ca17abcf832a0cf87b0374cbff64b2c
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2dc805d6b646bed8143003a293b2dfe9790f7a840b90c270465db84b421012a
a3f6995da1355f918b6b6b1801d4df9aca02bdb7f3f20c088812e2ca2fc1d1cf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a64ee9095449a2bdc60919eb18f16c357474926bcd0d38c3b2e1def3e51761
a966c71fd6d4a5c0d261c08b406f9fe336bd6408cd527ef113996b2e4162131e
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aba08d703347050c604f1acfaa4d57b8cf60d5fe8efeea683ba8758d4fa6ca6d
accdfc23ad2048716bf3ad944cc19495cd296de1d9cd10c849f3044b52c6ec46
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
ae76b9130c6edad0c8d17adb2d94606db750c5500bc6957ecbeafd4c85ac36d7
aefe48aa26d6a2b3c7ec49454413aeca8367c5dc08b90376e3160fd94edd7c81
af8677b44c8730dd4d37bd1c89183bfb326f53474f472c196a04da756e50fd1f
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b2bea2da9803c4ecc5861d210f88a8550399fa316e9a1d2e3e89c7319f5bbbfc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5b49e606e69f8c211f4ed4770cf0512bcfab983c7a27e48efa7330052ebc749
baf252a7147ed40b0bb202925355e3c604b0ef1dca007a585a377dc4d3a06ab6
bcee1877688667365b8310d90db9779ec29c05827a8add6364de0d09afa94fec
be2035ab5cd8eb913d70e2bb09d1c3a40f9fbe93a884da97ea473b0662924d36
bfea61672e28f3a8af73bb047a744ecc8244f517b6ec91bd95c60b587a24b966
c3686be9196ea138bcd843fd61ceffd7be5a4460959bc9cc93fc436027fa274a
c3a1682bfd86890534c91a2aea0f6e203ef8a7be23813e143a5fec7090be85e2
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5bc944b10a958825824d5e7bca19c7e5ee5ae9c4da98be5ddd31b2c2c68cb96
c61b294df1382d1388a2f2f39137f69d035b4f46a9799f880d65300d91f4fd8a
c620f4e6059fbc031b6c60630aa31ba6bff37c561046fd784c8edd4d60e8d305
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8
c838b5bc6b4e64743f79af42a4dd2939f3766e6f46cbc2a5b4132a2454df85fc
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
cbc648aacc0198cdfe0ccedfcf2ce262022f4fcabd7e15d6099a820c6458884d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ceaa38b4f8166c5f933217685143c29669b5958c6a690ea03027d6baa415ef4b
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d72a7cb167b2059955e372dcd3831e442a2441020e2a9a10b8c356f53f4c3c17
d7dc910be3880f445e192f799f97e219de678dc4140dfbd427e5db68098a6536
d856986d2afb672711a7dc587c048bd771c41ef0dd7630145c2485bdae7ae8bf
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
dc22d8a3480d4feeee6649d9fc8056b21ba66c1fbdb09e7e3a1c63933dbea6a4
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff324febb6bc1c45209a5d5ecbdba0219af80e836a06042d6b4d782b189066d
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e14b279f3ecd111bd0ae0a348d69c3fb730ab52c308acac7f94ce58221019654
e2e407adcd1f1f76232a2feab4dd7f8cfab656a21e923ddeb41c3ed667faa725
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c44cf00f1c8baf650445bd016b12904c4c8443f9709d423ef0f993f679f03d
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
ea6a5d19e996a6a02fc6a25098e6918b6c7eecb3a31cf3869f067bf89fa2e0dd
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeea233903598d262225826244276057043129b5f6eb416bdae85bb95da487c
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1186fb2e987f63900be84680f222da84c659981a30fa8a6187a894e253a7d48
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6bc5f06ff10ef0a606dba8512244b4894f22b89512f56842f80a36cea3be99f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9
f94b99e126b3c8acd070cc337dfa76d8f836bf5d0b8e9a36ebf6a182ea9fd481