urlscan.io logo urlscan.io
SecurityTrails logo

ultrasurfing.com Open in urlscan Pro
2606:4700:e6::ac40:c516  Public Scan

Go To Rescan Add Verdict Report
URL: http://ultrasurfing.com/
Submission: On May 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 8 countries across 54 domains to perform 278 HTTP transactions. The main IP is 2606:4700:e6::ac40:c516, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 338016.
This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 151.101.65.44 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
1 4 52.222.208.154 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
76 151.101.1.44 54113 (FASTLY)
2 13.32.121.37 16509 (AMAZON-02)
2 213.19.147.43 26120 (RHYTHMONE)
1 18.66.122.63 16509 (AMAZON-02)
2 37.252.171.21 29990 (ASN-APPNEX)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 54.75.237.72 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 216.52.2.91 30282 (AS-INAPCD...)
1 3.73.41.176 16509 (AMAZON-02)
1 51.75.86.98 16276 (OVH)
1 147.75.84.158 54825 (PACKET)
3 2602:803:c004... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 18.194.247.115 16509 (AMAZON-02)
1 2a06:8640:454::2 55081 (24SHELLS)
1 178.128.135.204 14061 (DIGITALOC...)
1 13.32.119.77 16509 (AMAZON-02)
1 23.205.176.78 16625 (AKAMAI-AS)
1 65.9.66.122 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 44.213.190.84 14618 (AMAZON-AES)
2 2620:116:800d... 16509 (AMAZON-02)
2 2606:2800:233... 15133 (EDGECAST)
1 52.23.141.230 14618 (AMAZON-AES)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.254.125.132 16509 (AMAZON-02)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 162.19.138.82 16276 (OVH)
3 141.95.98.64 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
13 141.226.228.48 200478 (TABOOLA-AS)
1 2 172.217.16.134 15169 (GOOGLE)
1 2600:1901:0:8... 15169 (GOOGLE)
1 44.205.127.242 14618 (AMAZON-AES)
1 46.51.163.206 16509 (AMAZON-02)
1 104.111.217.42 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.117.132.248 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
1 5 20.101.38.191 8075 (MICROSOFT...)
1 7 2.18.233.201 16625 (AKAMAI-AS)
1 1 37.252.171.84 29990 (ASN-APPNEX)
1 1 142.250.186.130 15169 (GOOGLE)
4 52.223.40.198 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
3 3.75.62.37 16509 (AMAZON-02)
3 151.101.129.44 54113 (FASTLY)
10 2.18.235.93 16625 (AKAMAI-AS)
2 2.16.241.19 20940 (AKAMAI-ASN1)
2 23.212.88.20 16625 (AKAMAI-AS)
2 151.101.1.108 54113 (FASTLY)
8 37.252.171.52 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a05:d018:d29... 16509 (AMAZON-02)
1 52.58.235.64 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
10 23.35.228.23 16625 (AKAMAI-AS)
1 40.85.112.191 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
2 34.149.70.130 396982 (GOOGLE-CL...)
278 78
16    2606:4700:e6::ac40:c516 (United States)

ASN13335 (CLOUDFLARENET, US)
ultrasurfing.com
1    2606:4700:20::681a:7e (United States)

ASN13335 (CLOUDFLARENET, US)
increaserev.com
4    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
vidstatb.taboola.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
16    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
76    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    213.19.147.43 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
p.gcprivacy.com
2    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    54.75.237.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-237-72.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    3.73.41.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-41-176.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    18.194.247.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-247-115.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
1    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    23.205.176.78 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-176-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    44.213.190.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-190-84.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
c.neodatagroup.com
1    52.23.141.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-141-230.compute-1.amazonaws.com
p2.gcprivacy.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    34.254.125.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2600:9000:223c:8a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:223c:6800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
13    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    44.205.127.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-127-242.compute-1.amazonaws.com
idx.liadm.com
1    46.51.163.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
at.teads.tv
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com
2    34.117.132.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.132.117.34.bc.googleusercontent.com
tempnextstat.bcovery.com
5    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    20.101.38.191 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tra.neodatagroup.com
tracker.neodatagroup.com
7    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
imprammp.taboola.com
wf.taboola.com
10    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    2.16.241.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-19.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
2    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
warp.media.net
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
8    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.58.235.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-235-64.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
lg3.media.net
hblg.media.net
1    40.85.112.191 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.youronlinechoices.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    34.149.70.130 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 130.70.149.34.bc.googleusercontent.com
tempstat.bcovery.com
Apex Domain
Subdomains		 Transfer
98 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 990
trc.taboola.com — Cisco Umbrella Rank: 657
vidstat.taboola.com — Cisco Umbrella Rank: 2777
am-trc-events.taboola.com — Cisco Umbrella Rank: 16166
trc-events.taboola.com — Cisco Umbrella Rank: 1941
images.taboola.com — Cisco Umbrella Rank: 2040
imprammp.taboola.com — Cisco Umbrella Rank: 14139
am-match.taboola.com — Cisco Umbrella Rank: 14462
wf.taboola.com — Cisco Umbrella Rank: 2914
am-vid-events.taboola.com — Cisco Umbrella Rank: 13263
vidstatb.taboola.com — Cisco Umbrella Rank: 5371
pips.taboola.com — Cisco Umbrella Rank: 1646
cds.taboola.com — Cisco Umbrella Rank: 1909
am-wf.taboola.com — Cisco Umbrella Rank: 15847
3 MB
23 media.net
prebid.media.net — Cisco Umbrella Rank: 1430
contextual.media.net — Cisco Umbrella Rank: 635
warp.media.net — Cisco Umbrella Rank: 2557
lg3.media.net — Cisco Umbrella Rank: 5916
hblg.media.net — Cisco Umbrella Rank: 2153
267 KB
16 ultrasurfing.com
ultrasurfing.com — Cisco Umbrella Rank: 338016
108 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
185 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
44 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 440
cdn.adnxs.com — Cisco Umbrella Rank: 1649
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8816
87 KB
7 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1102
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
2 KB
7 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1097
6 KB
7 neodatagroup.com
c.neodatagroup.com — Cisco Umbrella Rank: 29625
tra.neodatagroup.com — Cisco Umbrella Rank: 25893
tracker.neodatagroup.com — Cisco Umbrella Rank: 28041
18 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
110 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
117 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
4 bcovery.com
tempnextstat.bcovery.com — Cisco Umbrella Rank: 123119
tempstat.bcovery.com — Cisco Umbrella Rank: 209391
166 B
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4217
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2767
a.ad.gt — Cisco Umbrella Rank: 3173
4 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
789 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
id5-sync.com — Cisco Umbrella Rank: 444
19 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
287 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1195
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
12 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
105 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2195
592 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
804 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5171
adservice.google.de — Cisco Umbrella Rank: 7680
939 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1077
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1129
pixel.quantserve.com — Cisco Umbrella Rank: 945
10 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
456 B
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 972
x.bidswitch.net — Cisco Umbrella Rank: 324
386 B
2 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 25748
p2.gcprivacy.com — Cisco Umbrella Rank: 22560
10 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 755
163 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
3 KB
1 gstatic.com
fonts.gstatic.com
30 KB
1 youronlinechoices.com
www.youronlinechoices.com — Cisco Umbrella Rank: 63525
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1 KB
1 teads.tv
at.teads.tv — Cisco Umbrella Rank: 4895
338 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 4194
474 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2041
250 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2665
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1194
17 KB
1 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 17746
172 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6379
1 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 533
555 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 983
277 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
363 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
403 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1307
258 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 661
225 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
566 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
1 KB
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 125
455 B
1 increaserev.com
increaserev.com — Cisco Umbrella Rank: 135140
171 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 agkn.com Failed
fid.agkn.com Failed
0 hbwrapper.com Failed
cat.hbwrapper.com Failed
278 54
Domain Requested by
54 images.taboola.com
16 ultrasurfing.com ultrasurfing.com
15 cdn.taboola.com ultrasurfing.com
cdn.taboola.com
10 contextual.media.net increaserev.com
contextual.media.net
ultrasurfing.com
9 securepubads.g.doubleclick.net increaserev.com
securepubads.g.doubleclick.net
ultrasurfing.com
www.googletagservices.com
8 fra1-ib.adnxs.com increaserev.com
ultrasurfing.com
cdn.adnxs.com
7 pixel.mathtag.com 1 redirects pixel.mathtag.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 lg3.media.net ultrasurfing.com
contextual.media.net
6 am-trc-events.taboola.com cdn.taboola.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
ultrasurfing.com
tpc.googlesyndication.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 trc.taboola.com cdn.taboola.com
4 hblg.media.net ultrasurfing.com
4 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
4 gum.criteo.com 1 redirects increaserev.com
4 c.amazon-adsystem.com 1 redirects increaserev.com
c.amazon-adsystem.com
4 www.googletagmanager.com ultrasurfing.com
increaserev.com
www.googletagmanager.com
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
3 ups.analytics.yahoo.com am-match.taboola.com
3 tra.neodatagroup.com 1 redirects
3 id5-sync.com cdn.id5-sync.com
increaserev.com
3 id.hadron.ad.gt cdn.hadronid.net
increaserev.com
3 fastlane.rubiconproject.com increaserev.com
2 tempstat.bcovery.com ultrasurfing.com
2 am-wf.taboola.com vidstat.taboola.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdn.adnxs.com increaserev.com
2 warp.media.net increaserev.com
2 qsearch-a.akamaihd.net increaserev.com
2 am-vid-events.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 tracker.neodatagroup.com
2 tempnextstat.bcovery.com ultrasurfing.com
2 ad.doubleclick.net 1 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
increaserev.com
2 rules.quantcount.com 1 redirects
2 c.neodatagroup.com ultrasurfing.com
c.neodatagroup.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 ib.adnxs.com increaserev.com
2 targeting.unrulymedia.com increaserev.com
2 sb.scorecardresearch.com cdn.taboola.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 vidstatb.taboola.com
1 googleads.g.doubleclick.net ultrasurfing.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.youronlinechoices.com
1 x.bidswitch.net imprammp.taboola.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 imprammp.taboola.com vidstat.taboola.com
1 cms.analytics.yahoo.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 secure.adnxs.com 1 redirects
1 a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 at.teads.tv increaserev.com
1 id.crwdcntrl.net increaserev.com
1 idx.liadm.com increaserev.com
1 lexicon.33across.com increaserev.com
1 trc-events.taboola.com
1 a.ad.gt cdn.hadronid.net
1 pixel.quantserve.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 p2.gcprivacy.com p.gcprivacy.com
1 secure.quantserve.com www.googletagmanager.com
1 cdn.id5-sync.com
1 cdn.hadronid.net ultrasurfing.com
1 tags.crwdcntrl.net ultrasurfing.com
1 secure.cdn.fastclick.net ultrasurfing.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 rt.marphezis.com increaserev.com
1 ghb.adtelligent.com increaserev.com
1 tlx.3lift.com increaserev.com
1 prebid.media.net increaserev.com
1 prebid.a-mo.net increaserev.com
1 onetag-sys.com increaserev.com
1 grid.bidswitch.net increaserev.com
1 ap.lijit.com increaserev.com
1 rtb.openx.net increaserev.com
1 ads.yieldmo.com increaserev.com
1 htlb.casalemedia.com increaserev.com
1 p.gcprivacy.com increaserev.com
1 cdn.jsdelivr.net increaserev.com
1 cloudflare.com increaserev.com
1 increaserev.com ultrasurfing.com
0 api.rlcdn.com Failed increaserev.com
0 fid.agkn.com Failed increaserev.com
0 cat.hbwrapper.com Failed increaserev.com
278 96
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-26 -
2024-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2023-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-01		 10 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
sni8045gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-09		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tempnextstat.bcovery.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
youronlinechoices.com
Go Daddy Secure Certificate Authority - G2		 2022-07-02 -
2023-08-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
neodatagroup.com
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
tempstat.bcovery.com
GTS CA 1D4		 2023-03-18 -
2023-06-16		 3 months crt.sh

This page contains 18 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: 3A005EEC2EBD5F38CF6B9754D23C41B1
Requests: 194 HTTP requests in this frame

Frame: https://c.neodatagroup.com/ps-topics.html?sid=2033
Frame ID: 2DFFAA01BE2B2539B461994098254FDA
Requests: 1 HTTP requests in this frame

Frame: https://a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D4979BCE303E2965B7EB0BDA5B558359
Requests: 1 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1683837253663&uv=3275&tms=1683837253663&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c4ce99fe-8354-4d6f-a0a9-00d79b0874fc&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B2F37BF089512F9C8E6F4E7F27441923
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2C116C6F92EAB2127153A1AD7309F5CB
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUkZkB2T7karbP5peAIZf0tWstbk9T-LY92T-CjJCFcYREY4rvGU-wf25fa-hXqm43OW0Odh2SDpUs5DN3zWG219Jk_d4kYy0jBQ-_3bSv_7AMGo4wc2yT7KkMYLzSGY9sPa1MBPMESJS9PlCLAFMcOfChBZ6Ah4lQVOWgn5xoi6TBttR0zEKabxWHYb0p6X-nn-jOLgb-x5cVH5f6qCUKB_Dx8BCJzrZduJEF7pGMmg-sLypfRi1LkED5PGBq9edc_uzp3EjYYzar1sekuyi358MuG3Ud0GRGp8pLQKShdKh2TysioQFJHLcmCDPA4FDUAVe2g7JrQdBuKJ0v9pw3aQP--ns&sai=AMfl-YTUTWb5jCfWy93hM6Rpgw1Uzvs-ZLxezkSJ9aFu23LXTbAYdQBrb4tIrehFBVPV6b4Z7SCUk1sNJE-h0vvUy6liqM-CQD-CNmEB7HovwXVyvX_C8GLkVQSn4AEVA6d5zEJGxkgaqzMbtKiUoSY&sig=Cg0ArKJSzLU8ZHqiOektEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CC404C69CC99C9C193BE8772F558B688
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: D978150A9CFB904EA2A2F7E07BB4694B
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul1WmtdS086mlkQPDlozwkKwfSTFfLOPp9eRge0oWpcuiN9DeGZoxxArDh-l0zD2iXhE3hassVy5i4k8QzIWnQEnMzgTTh-lCp_FcG7Ea-9MY5KMZCHOiGYl84ubGR7PB3G-9i9N6Fe-MZ6BteZh-Nu1N1_19FHooWa16-Qd7vDTUl7SwbuLGFADb4QEoOmubRlhV-jJnjzltJpOs_WNewL-NGo5XoPIY7rWfjYRCLBRLH1SDIRU04UIIc7lonKUcXeeZtAIfWlLnAXOYMa5bJH9lie670SPrDPMv9u5l-7glu_U6-kv2OFtrt7jcLF-3Ux1xESIjOEqV0mpqkEoDK&sai=AMfl-YR470JuQEk57XTlTtWRmXkUM2Z69bhYXp0MtYWZBpzaYrKO1u7ztzju8pLb04hijqtJpZ7mYvgXcAKWPSvniQB0SS8xLrzrU-Yh-gwzXfuyDu_JvrQqsVXWf5zineF77iNmn8G0mLIJf48q3VU&sig=Cg0ArKJSzN7CZho9lVh8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4B6C86D26AE90C8EAF4ED922F73EDD33
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B6A4D17E7B5515145D1E036C9A72BC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12A0E453735FF4E12E351494AB1920BB
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254136309246&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=938462888&size=160x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: E4E0F26F3510517D8E5D6EF5128349C3
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 8ABA1F5371373EFD13D9825994BA24DD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: AC69806CA6EC0F4B8304DB6FC7E4F488
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254670197827&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=434553236&size=300x250&cc=DE&sc=HE&chnm=EXPLORATORY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Frame ID: 82BECE8EAB527B6477DC8CAB2791E119
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: FEF6E781C15BA47D8DE3E0C809D3F948
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3CD773FEC7129A4BFF06E9DB42D1923F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
Frame ID: FCC89B98C1B79572384ECD84E05DB073
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FB9D40ACE2E003E6E7501496759CFA6B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ultrasurfing.com/

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

278
Requests

82 %
HTTPS

40 %
IPv6

54
Domains

96
Subdomains

78
IPs

8
Countries

4897 kB
Transfer

10136 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://c.amazon-adsystem.com/aax2/apstag.js
Request Chain 56
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
Request Chain 63
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Request Chain 70
  • http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js HTTP 301
  • https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Request Chain 91
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CPrs08qO7v4CFanqEQgd1c4E0g;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Request Chain 135
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=33465075845&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=fc40e6c7-1841-4298-839d-9b8f733d1722;pubcid;PublisherCommonId&pbs=true HTTP 302
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=33465075845&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=fc40e6c7-1841-4298-839d-9b8f733d1722;pubcid;PublisherCommonId&pbs=true&neoid=310190af0de059b
Request Chain 136
  • http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845 HTTP 302
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845
Request Chain 137
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=33465075845 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=920203302470529155&rt=img&rnd=33465075845
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=33465075845 HTTP 302
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=33465075845&google_gid=CAESELSxod1FwrQQCppvW8lH9Lg&google_cver=1
Request Chain 140
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=33465075845 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=33465075845
Request Chain 254
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

278 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ultrasurfing.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45702888e715067a6eb82ab454ea9938b6b3f043b18044987988a7ec69e27bb6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7c5d3382b8bc194b-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 May 2023 20:34:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=360OYuiECFFfpC6dNieMQ59CGRTuLgWE2dViAPnuuVLSCJXefXyxjVtbZka5Bgc36RZgZ%2FoVsPOyGVbuZ8E9DjADLJIC3x010SrR4UHNLJTjhgzbGDCcIXrbTIL7ukJb4S8pBGpvHcahMzQyYK3U"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reset.css
ultrasurfing.com/css/ 		773 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/css/reset.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
664
Cf-Polished
origSize=1050
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
W/"5f9a61f5-41a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2o%2Blm0qcsbHec1k1lbL%2BM0bXBNoMh5NRCXWqAFrCAHpw0%2B8xnUGeqkX7lNnO3fmJD34ddQjeDzoBvbFU8DG3ZgToxEvgIjPRqKgv0K7Hyz%2BEUey18Rh0h%2BkBYsTgmB%2BSpElAFkLujbuRDdI%2Bsy0"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
7c5d3384bbc1194b-FRA
style1.css
ultrasurfing.com/css/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/css/style1.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=19154
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Sat, 08 Apr 2023 04:57:00 GMT
Server
cloudflare
ETag
W/"6430f41c-4ad2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvjev2eyePUwk%2FwlKjIbAssB3PaIVXk3yRRju0vYmjQmLTmHVRzK22W%2BEEhgnSvdwWnYxtbJaqnnzMCkc51jd0glTgz%2FHxysQe6YdVEKy7hNlVlVGVYVhr0zJxJvnZgRLDccwv09PhSnZE%2FHkx2%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
7c5d3384cca892c3-FRA
75a5acb2_photo0_610.jpg
ultrasurfing.com/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/75a5acb2_photo0_610.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09b366c27f31a798adc5d47c57fa03f23a3f0ef6c0f9bfec8d8ff67279e3252

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
32518
Last-Modified
Thu, 11 May 2023 20:33:01 GMT
Server
cloudflare
ETag
"645d50fd-7f06"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeJqr5XogpEQTgu4vRZI6T75Yh%2BPlKcGu69grYUcy%2BU4Hbbm7Ez%2BN2bPOk468vmvyiHno2a%2FKTvlEcqgrCmsd6UuNmRopuzg9GJYY5B%2Fpiitqzdz0Dj6nTQqvbjwIg8YhNOKO3EVKYtYrVCguxd%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d3384c9db9bf8-FRA
Expires
Fri, 10 May 2024 20:34:11 GMT
1e2a5b5_photo0_190.jpg
ultrasurfing.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/1e2a5b5_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b335f65a9002e20099c1f16c441802677a12f17dfffa2a8a313e92bb46b2d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
16311
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5189
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 16:00:06 GMT
Server
cloudflare
ETag
"645d1106-1445"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssS4tzrD%2B2mcTjB7jYRC84hTFlWJjmpHQ%2FFotIilEiiWFx0%2F30HOAOzEyPcEX74O9yt0Vfl2VKa9%2FnxNT%2BIKqRaIZtG4MR04g5TQWJugeEVDhVl%2FAV%2BvZp9Sm5j6UrATlSaMNmHKJg%2B14pB8tUDx"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d3384dbb99bf2-FRA
Expires
Fri, 10 May 2024 16:02:21 GMT
69b74cc1_photo0_190.jpg
ultrasurfing.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/69b74cc1_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f4068707ae8a4ea8d64c8e4e27e1c1047c9f497e98df216d84b39aa5d87ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
9103
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7739
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 18:00:06 GMT
Server
cloudflare
ETag
"645d2d26-1e3b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7En84YkOvIy9gf4OwhmdBkQf5%2B0xVkxK4Wqkyvt5uQSfCME4mpzZZkFnWAHUvCeuYreVpURtLw3mEOZ2lo2fePX8APUGs9W5XfopmC5l0XgKu4JWY3LL4yfcpcZrQ5NE9ap2Ftrg0TfbviPvvEqD"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d3384dbe4194b-FRA
Expires
Fri, 10 May 2024 18:02:29 GMT
75a5acb2_photo0_190.jpg
ultrasurfing.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/75a5acb2_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ad649aa54da9be1d6a397bcef06b6424a2798a6fceb44d3421aec357ac9d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
664
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6788
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 20:21:01 GMT
Server
cloudflare
ETag
"645d4e2d-1a84"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX5ukUPR3I7hmnBkYJ58r1HkWueNMOORyjR4Bvxmt20WVb31s8eC0Q14rnQ99u%2BRZz9FgnEQQtE7gs64wqvpSRHN2lu1FD3Zu9341wu0HnnXCOMIsn30I%2FQvFlofmfKiPipixC85O%2BnoBIkGk0uS"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d3384df27383e-FRA
Expires
Fri, 10 May 2024 20:23:07 GMT
8452fe32_photo0_190.jpg
ultrasurfing.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/8452fe32_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbc6426b069330c054993f1c434f91e2bf464ad386236d1b557483d7baa4dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
10851
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5803
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 17:33:03 GMT
Server
cloudflare
ETag
"645d26cf-16ab"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afeR%2B6bDqntwctWKcGChQzjRNX8xcQj%2Bzd5oURWHY0ZP%2F2OLOcprlz9jtdUdefZqHJG4T6sHpi8re5USvlxTDjT2mxwzh1mU8IYXYwk3HOaRocNIw3BxxYDZOhNdcLK3n%2BuCUiNNw%2ByaYbo46xHl"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d3384dc863689-FRA
Expires
Fri, 10 May 2024 17:33:21 GMT
4c6cd62b_photo0_190.jpg
ultrasurfing.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/4c6cd62b_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357d451ba51323303d179a2abecbd9a78cce9a6458d7a604007a180d92ca72e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
9103
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7759
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 18:00:01 GMT
Server
cloudflare
ETag
"645d2d21-1e4f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9mgA%2BsXhbDGi%2FUgn%2B4HyNif0P9m4eyfSxPy7KkG0NK%2FWdyxnUfSgqCnTc9nDDR%2FVG1aJjI8wgvA8wpaxztNYSPpHxs7%2B8WfYzmKeIGPOG1F%2B5wC7Y9yqa%2FRJ0%2FvTNju5D3iW7rjci52iJKBJgV3"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d3384fc07194b-FRA
Expires
Fri, 10 May 2024 18:02:29 GMT
8b90c9ee_photo0_190.jpg
ultrasurfing.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/8b90c9ee_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850db36fa7d3391441934a0dd53fd23565b6aa473490306851ff7c8a7ee45cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4689
Last-Modified
Thu, 11 May 2023 20:33:03 GMT
Server
cloudflare
ETag
"645d50ff-1251"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4s7Ewo7XlnvKD6mVwqZEmyBaNEIkXb8OZXo3ytvB7RjzBIZ26ZDgmvs24G9XnNOqr9dyllkIA6ZWnyoGCD6GkUK4vfvENk6ueITPilkAguyWS6LcOGt%2FGhQ60TpFzbR2KQ6oQyr2jljxIkK7lRBN"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d33850f62383e-FRA
Expires
Fri, 10 May 2024 20:34:11 GMT
8f4c260a_photo0_190.jpg
ultrasurfing.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/8f4c260a_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44d59b6d0e3be9260bffad9b7dc048a60ca8fc93f82e05e49b0a465c45fe579

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4062
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4235
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:24:03 GMT
Server
cloudflare
ETag
"645d40d3-108b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUp57sooZbTjG70EgOt8%2B%2FNw0kC5zAhV0TFQeBSE7Ql2SFhN1VTmemaIitRQvOvE8lEQ%2FaBJuvw6X2UiJPWQgfaxYLdsHxhbjodnf%2BuN%2BdZARs%2BhrpxM6P8pfUccjYsKxhcyCYYXwODsoaQTHI90"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d33850cc73689-FRA
Expires
Fri, 10 May 2024 19:26:30 GMT
503c428_photo0_190.jpg
ultrasurfing.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/503c428_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd4968084c794b22b923d972baa11298e5a6a7bb2289613bc3e70bb6e6076e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
381
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4391
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 20:27:03 GMT
Server
cloudflare
ETag
"645d4f97-1127"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RL7cYrXrd7J%2B52HFXaq2NT7MNz5YYtCzeSF6IfWwaK50szFJHRdnstksxBRohry3LmZfNL0IkIB8GChXUxRPiSrGDRutr3unetgj1bnoyx2EOjuAdVNZaHiaIBAbUalW5SGbp8cfQ7VK8B9%2F%2BEVV"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d33850c0e9bf2-FRA
Expires
Fri, 10 May 2024 20:27:50 GMT
rocket-loader.min.js
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 28 Apr 2023 14:11:40 GMT
Server
cloudflare
ETag
W/"644bd41c-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWvA%2BTUkLb74lD%2BLy9IXVeboDtTJFvg0HkhMiIVzLexRmOK4KI45iTVnroAQbZi2TCfVCz7F5x3AkY6pJxw4UkvMpWOsEDIwbQHDZTh7Q7%2F8Wx8ZMc0j5oOZKlEP%2BK7KhfkbAcnSeK8n%2BZnpROvd"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
7c5d33850c1c194b-FRA
Expires
Sat, 13 May 2023 20:34:11 GMT
aaw.ultrasurfing.js
increaserev.com/ads/ob/tage/ 		577 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984974b85250965fb864f580aee7f46131ea97e843e21b58289513e33685c31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 May 2023 19:07:11 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnQwwp5LJb5%2BSLOkjIUYN%2BsKYZTwPo%2FEKQFBUo0IrD%2Fbt21i72DmX%2BDCmmAcL87EvTA421PRTqSrsqhfeCwVNHn78qtnZhptYb40PAqDxphJ5Nebv1q3fU8bsgLS0OO%2BA%2FXGkdY02f0yRwukxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
7c5d33883bc49b82-FRA
access-control-allow-headers
origin, x-requested-with, content-type
js
www.googletagmanager.com/gtag/ 		223 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6278300ca6d782967a99237baed59057a5c00d1c240be683b1e639798c08c7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80152
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 20:34:12 GMT
bg_header.png
ultrasurfing.com/img/ 		230 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/img/bg_header.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
27638990
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
230
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-e6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upos4afBtcm2s5c8XLyjMoRCNJP5%2FqSzPq86ZimmNNFCNCOj7WMw0vMEQsdx6e2U9uXF2u4An5VRxzR%2BhaavvfIHy%2BMz7n184gxY%2FleSpIL%2FToBCfFLiY5XrrpNnO4fJyNMD%2FMjwlapsjUggf7ds"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d33882dd99bf8-FRA
Expires
Sun, 25 Jun 2023 23:04:22 GMT
logo-new.png
ultrasurfing.com/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/img/logo-new.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
8610720
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7316
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-1c94"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxpreRpw2hshEkOdfLrzgsEYj77PYLwt65xJyLN%2BEM33wLFLI8pj6KJ5tksBnL76MkLJzuZTm1ttd3Npx9aEUJ8NciFzS%2Fj1q46VGYGdtr9T5VjTqJBVqCeqSmCEzcgWX35Tw%2F2n3gGmNxwl39wN"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d33882b74383e-FRA
Expires
Thu, 01 Feb 2024 04:42:11 GMT
bg_nav.png
ultrasurfing.com/img/ 		175 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/img/bg_nav.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1172965
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
175
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-af"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TeaBPSDEhcjn7uzA5mzYzoH9Ihh3jQtHC%2FZbLOHv3O57W8iOKZ2zqf6W743eVlyQsgxmZdkM9n7Q1uEMtMpWHvUv2Ea7P1ucnuvTmH2hvjFn47GqK7rMGfop4Fy39eCK3lMYowShZRtGUQa7kNx"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d338828f692c3-FRA
Expires
Sat, 27 Apr 2024 06:44:47 GMT
loader.js
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 		399 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8e539c32bfbcd62f3df27531a558077a11e7fc6dc08b6abfce524da6220bda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hXeeEEgi0x.A0gvPV98e6VW9m.robHmj
content-encoding
gzip
Via
1.1 varnish
Date
Thu, 11 May 2023 20:34:11 GMT
x-amz-request-id
P56Q42A85QNFSNQ2
Age
5627
x-amz-server-side-encryption
AES256
X-Cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
8
x-amz-replication-status
FAILED
Connection
keep-alive
Content-Length
47270
x-amz-id-2
rkB1GlrYpMPzWNt7tredZWXU2yW97SdRhusvibHERlOQJrcmuXg2neqK/JyPAObtUiaRETNKIX4=
X-Served-By
cache-fra-eddf8230091-FRA
last-modified
Thu, 11 May 2023 18:35:45 UTC
Server
nginx
X-Timer
S1683837252.923608,VS0,VE2
etag
"a7d4f7cdeb40da8e12bc159763f691786156e992"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
2
Cache-Control
private,max-age=14400
Accept-Ranges
bytes
X-Cache-Hits
1
gtm.js
www.googletagmanager.com/ 		213 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2801765f598e412092fcea371c1e7e1c1eca752fa1e7750ba69758af2740379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70292
x-xss-protection
0
last-modified
Thu, 11 May 2023 19:49:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 20:34:12 GMT
/
cat.hbwrapper.com/ 		0
0
trace
cloudflare.com/cdn-cgi/ 		320 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd8ca82a2e1c5ce003714f3037c16ca0ad98580c58498ecde003f233364d2317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7c5d3389485f916b-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d7a957eb528dd2b69aa5819f48434fe932722764b636fb1dce56dcb46cd46a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25272
x-xss-protection
0
server
cafe
etag
506 / 19488 / m202305080101 / config-hash: 8653395816841731476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:34:12 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:22:31 GMT
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
702
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
KTU0VRWuJpJ29VdeTF0wrQZFFuhc_oTtBldW-PNNV_e_uDxgE6yARQ==
gtm.js
www.googletagmanager.com/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b44533d0c5f7b99883115e37633b2bb346aaa6b6e5e5fc171e798018fad8732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62541
x-xss-protection
0
last-modified
Thu, 11 May 2023 19:49:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 20:34:12 GMT
apstag.js
c.amazon-adsystem.com/aax2/
Redirect Chain
  • http://c.amazon-adsystem.com/aax2/apstag.js
  • https://c.amazon-adsystem.com/aax2/apstag.js
230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:22:31 GMT
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
702
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
xC4ncALzDx5bdFEIsDSn35F1GbQgk5KeA2oHSz4X9qSVA6XLCMKq6g==

Redirect headers

Date
Thu, 11 May 2023 20:34:12 GMT
Via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://c.amazon-adsystem.com/aax2/apstag.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
ZoByml57ZegmjUTKAkND_fpxS0lAUJjzZ-GOdckEwZHjDI9FvOZamw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
041fae49bdc332d692b89d7d8c708dfb28f175d10cddaf1959c1bb46ddd4d3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 May 2023 20:34:12 GMT
x-content-type-options
nosniff
content-encoding
br
age
16404
x-jsd-version
1.0.1695
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
835
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
version
etag
W/"633-FCRqVFGddBEX9jwRoP08YMQ1Zs4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
cdn.taboola.com/libtrc/ 		763 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0986f60f970d2489a3f4bb0b9c8250b7cab17556acae46f95c6a51a6a20e9db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
kU8JJFjcU3lK0Xom4LzcRAbUAwRXdxvw
content-encoding
br
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
EYR4Z24W5QBCR26Q
age
18829
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162503
x-amz-id-2
HoGh46dwyodVwmcIUvYPFfjdj6x2sk3MQvlztzE8q7HC1EPOopdkJItKuZz+sbPxYEBWxysFOOs=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:14 GMT
server
AmazonS3-br
x-timer
S1683837252.127482,VS0,VE0
etag
"a892efc14956342fee3569b564abe9ef"
vary
Accept-Encoding
content-type
application/javascript
abp
37
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
586
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 06:33:55 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
52219
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
981PWr82gQ48yeaI8kA9muLD4SPEecho1pe0MuSyzbBow8Sd1Jvung==
tr5
cdn.taboola.com/libtrc/ 		3 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=reco-reel-unused-code-remove_var
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230031-FRA
date
Thu, 11 May 2023 20:34:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1683837252.127586,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
f
fid.agkn.com/ 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://ultrasurfing.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 May 2023 20:34:12 GMT
gcid_s.min.js
p.gcprivacy.com/t/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
jt4ZnrYXxK0Tc9o56lUGTSds0r80tPTc
date
Thu, 11 May 2023 01:50:33 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 13:48:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
67420
x-amz-server-side-encryption
AES256
etag
"dac6676675972d00f4ec994de0578005"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9500
x-amz-cf-id
dvKUhEcdtYGMfT6-76vXvnH_hp2rHTcX6WaPVsZB8Il8p9xFMX_5Aw==
prebid
ib.adnxs.com/openrtb2/ 		49 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3da4a4b1e17b7152831eaf249f52db7f801324173ed922109c68f12d1d47c8c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:34:12 GMT
Content-Encoding
gzip
x-openrtb-version
2.4
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2e860397-d1fc-492b-9841-bcbdec569f0c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=930331
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6572d645979538e657c8eebb05a54633ae32b38bdf06daaa145bd4f8f3b2713b

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5ujZmhoGdTpLw%2BbeebZG0tz4mFKUus7N%2BYRTA48wN1m1qVBwiHpMc%2FpIl6d165BOYaqgSoIjEv1Q%2BwAfof4T2pTvU59tSuLABC7HSLr0MPW3DX2SzwLN2Q7VkaTr8vdvHHmP2Mp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c5d338a4dc59bb9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.45.0&p=%5B%7B%22placement_id%22%3A%224b757510-a6bd-48a3-8c07-353cf5ee080c%22%2C%22callback_id%22%3A%22613d6577377c576%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%22f1844683-ce3e-4a99-9196-fb53f10e8bd2%22%2C%22auctionId%22%3A%22082593ba-50d5-467c-8438-019f63b34938%22%7D%2C%7B%22placement_id%22%3A%22946b12f2-6ccb-4112-97e5-162afbd1fe2f%22%2C%22callback_id%22%3A%226286fb287a1bf3e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%2261f04f5e-d346-4d35-9fff-f3c80273869f%22%2C%22auctionId%22%3A%22082593ba-50d5-467c-8438-019f63b34938%22%7D%2C%7B%22placement_id%22%3A%22933e74b5-9df0-43b3-adaf-5ffc0cc037bc%22%2C%22callback_id%22%3A%226336671d1bf23f7%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%2282561277-1c20-4e33-b684-ad12489177ae%22%2C%22auctionId%22%3A%22082593ba-50d5-467c-8438-019f63b34938%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F&bust=1683837252165&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=fc40e6c7-1841-4298-839d-9b8f733d1722&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fc40e6c7-1841-4298-839d-9b8f733d1722%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.237.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-237-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e406fb4f7dbfce57c33d912e59ee75eba5df2ac5fff4ba73fa401712ce99c742

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.45.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a3b7b1a286b592ea87cec838662e9841266b255a4754f3ea835d5f01b7e36b39

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:34:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.41.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-41-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6cbfb98421eefd392e46bafb2f383f29914c539ca2a9fed166eb45b66ac3a340

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		33 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9dd5d6a7427a004c65db35043d00803c66e4a997d75840440ff670a5adbcde67
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:34:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f8716344-e314-4ff9-a088-804c793557c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
89
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		431 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=fc40e6c7-1841-4298-839d-9b8f733d1722%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.45.0&x_source.tid=f1844683-ce3e-4a99-9196-fb53f10e8bd2&l_pb_bid_id=931fd3f2764899e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f1844683-ce3e-4a99-9196-fb53f10e8bd2&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.7273372795278044
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b3d36092c1113ab49bb1fdafec5b99cd5c0bdfc2a74828d46a088a95a057bb2a

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
431
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		429 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=fc40e6c7-1841-4298-839d-9b8f733d1722%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.45.0&x_source.tid=61f04f5e-d346-4d35-9fff-f3c80273869f&l_pb_bid_id=94891e57fa68f0f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=61f04f5e-d346-4d35-9fff-f3c80273869f&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.21376402110095505
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0f6745354da9c7a7f633c9cfb55ca9f3c83ac1cbf5e7f8080e055b21e65fd745

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
429
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		427 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=fc40e6c7-1841-4298-839d-9b8f733d1722%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.45.0&x_source.tid=82561277-1c20-4e33-b684-ad12489177ae&l_pb_bid_id=95d9f6e29e7618a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=82561277-1c20-4e33-b684-ad12489177ae&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.12040514608340591
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1970cd7aee0ad2d02f90fd0d1fd6e7bd0932794e6973cd1264a161b978694478

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
427
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a71f5b997ffb9327f0e738dc7f947b7c56d12235171322fa58e781cdef9fea29

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 11 May 2023 20:34:12 GMT
auction
tlx.3lift.com/header/ 		19 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.45.0&referrer=http%3A%2F%2Fultrasurfing.com%2F&tmax=2000
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.247.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-247-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e0ebd7715e5637894606d95df4c069ee85b311457767b21a73a02a2f127df738

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:34:12 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
787
hb
rt.marphezis.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
access-control-allow-credentials
true
vary
Origin
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683837252227&ns_c=UTF-8&c3=1&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
cevx8AaLUF_5FF0Jd5KSXazbSh1sSnwkpv6W6yFQ3h4GgoybqVAAHw==
x-cache
Miss from cloudfront
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:55:23 GMT
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
2329
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2326
x-amz-cf-id
dc2vPrTF-Iu1d3luObeef4TDoDJNrcqbVcZiTi8B-gsAis6OMfTa9w==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=wtfl90OWStnJr&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%224b757510-a6bd-48a3-8c07-353cf5ee080c%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%22946b12f2-6ccb-4112-97e5-162afbd1fe2f%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%22933e74b5-9df0-43b3-adaf-5ffc0cc037bc%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
9SPXRVS5AEYKC6083T84
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
z2gZj2oPT4unzG2EDb4G4aDB8nKMFIVS8FMocx996NzLebEH3ZK4UA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		0
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 19:40:17 GMT
Server
Apache
ETag
"d734-5f2f3919e751f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17407
Expires
Thu, 11 May 2023 20:49:12 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 22:42:19 GMT
content-encoding
gzip
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:13:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
78714
etag
W/"dc01f342ec44b3f8f5767d7b93fe1ac8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HxU36-ELOPrGekvdtcHiG71mHhIwVjEpTGeGyEwDctnOnPKDCJCnsQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
GQKW019N2965JHHN
age
4369
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7c5d338afeb136df-FRA
x-amz-id-2
b3ImfROkoqdV2lCnw3i6gNRD4ccoWO5L6+cnXG0GCJu8OaLzXK86GTcCYLFGTN8jEIpiS9EMtVw=
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
9Q7EVAR423JQ6AAJ
age
422
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c5d338baeb33a3e-FRA
x-amz-id-2
HmUf+GCCKXI/yHvrr6D/mRmwlqbg0bGRnl3PvHyUL7FgC6egL1tGjNzZdXmGbHiIFvkx4BMS36g=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.190.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-190-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:34:12 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.190.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-190-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 11 May 2023 20:34:12 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 18 May 2023 20:34:12 GMT
adapex.js
c.neodatagroup.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.neodatagroup.com/adapex.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF6) /
Resource Hash
c645b2297568c10fd6b2a345d2cda9abd7e1266845d2778be66216342cefabc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 11 May 2023 20:34:12 GMT
Content-Encoding
gzip
Content-MD5
coEWV/XgLvSVadUuYlWzxg==
Age
4669
X-Cache
HIT
Content-Length
9988
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 04 May 2023 08:48:50 GMT
Server
ECAcc (frc/4CF6)
Etag
"0x8DB4C7C61DE5253+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
x-ms-request-id
876cd692-c01e-0020-0e3d-84d4c0000000
Cache-Control
max-age=7200
x-ms-version
2014-02-14
Expires
Thu, 11 May 2023 22:34:12 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a48dfc97ac2c2850db1532c61824c9b307b01b8a1ef2849f2f53ab4a01fb0ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 20:34:12 GMT
sync
p2.gcprivacy.com/v2/ 		155 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=fc40e6c7-1841-4298-839d-9b8f733d1722&u=http%3A%2F%2Fultrasurfing.com%2F&h=ultrasurfing.com&ref=
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.141.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-141-230.compute-1.amazonaws.com
Software
/
Resource Hash
42b83c17384dea542921c18a2974d3a562173dd5d58cd585a8274499345f6779

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
155
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
382291
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control
no-cache
content-length
0
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 		79 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=20%3A34%3A12.331&lti=reco-reel-unused-code-remove_var&data=%7B%22id%22%3A242%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1683796663655%2C%22vi%22%3A1683837252325%2C%22cv%22%3A%2220230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A11316%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1485%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A105%2C%22mw%22%3A950%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1386.90625%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A120%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22reco-reel-unused-code-remove_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93752866e697923600a45a3eb842caada082a99e39ae203967c285d70867511f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
458
date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230031-FRA
server
nginx
x-timer
S1683837252.344530,VS0,VE458
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
4727
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127538
x-xss-protection
0
server
cafe
etag
14255841817258122496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 May 2024 19:15:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8c7af98a343460cc0320f4f5a5bf266e86619b2cdd23d787dab758269439daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
637
x-xss-protection
0
expires
Thu, 11 May 2023 20:34:12 GMT
hadron.json
id.hadron.ad.gt/v1/ 		101 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50bc3a8e3e0aac4ac3596f5a0becb922c7499ba33bc2389e88de028ef50d956

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7c5d338c88fb3661-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7c5d338bc80a3661-FRA
content-length
0
content-type
application/json
date
Thu, 11 May 2023 20:34:12 GMT
debug
OPTIONS block
expires
Fri, 10 May 2024 20:34:12 GMT
server
cloudflare
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.125.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4c15edfbcd1b7a2619a909234dd48a5ed963716a34e5c32f6dd1a7a120f5e265

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.18.19
access-control-allow-credentials
true
content-length
60
expires
0
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
  • https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Protocol
H2
Server
2600:9000:223c:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:27:42 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
_BhYI5l5I0OmhFaSwzdYWoVwbgfHyEj4RyukkMrDGM2ifOJ1YxAwnA==

Redirect headers

Date
Thu, 11 May 2023 20:34:12 GMT
Via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
4Haao66LpBJiV4_rtjVbWi8QKceEDG0-xLtKzkGBj5kcEJP3ycfjEw==
ps-topics.html
c.neodatagroup.com/ Frame 2DFF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.neodatagroup.com/ps-topics.html?sid=2033
Requested by
Host: c.neodatagroup.com
URL: http://c.neodatagroup.com/adapex.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
3857634543824c46b5f1f435e9375e75e0ad96b16d9bf4525e54f0f14bfb25e8

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6237
cache-control
max-age=7200
content-encoding
gzip
content-length
918
content-md5
8KzndH43fcLeRwVWvG3dqA==
content-type
text/html
date
Thu, 11 May 2023 20:34:12 GMT
etag
"0x8DB47F72DB48BAD+gzip"
expires
Thu, 11 May 2023 22:34:12 GMT
last-modified
Fri, 28 Apr 2023 14:45:15 GMT
server
ECAcc (frc/4CB9)
vary
Accept-Encoding
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
b1b2bfed-601e-0074-1539-849b97000000
x-ms-version
2014-02-14
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je35a0&_p=1638449702&_gaz=1&cid=984528084.1683837253&ul=en-us&sr=1600x1200&_s=1&sid=1683837252&sct=1&seg=0&dl=http%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=984528084.1683837253&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=984528084.1683837253&gtm=45je35a0&aip=1&z=354579356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
57dca8dcf6bbb387a2532c5d179238036d64ab7e0e72d1d5a1c2f1e89d3c3436
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel;r=1186597230;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-236487220-1683837252419;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1186597230;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-236487220-1683837252419;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=0;et=1683837252756;tzo=0;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F12c7b5f2_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=231fba9a-70d1-469f-875f-bb376f827ece;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
579.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7ec91d1e957c0a32c3911b890becde15ec296f6672e55cd0f0e0bd918a42928a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
405
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c8e4601ccc3c7b4f8a900390a768690a91ec0bf18fd362fe4479c2a9de6434

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 20:29:42 GMT
server
cloudflare
age
270
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7c5d338e18d01e57-FRA
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.1/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:12 GMT
Via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
214042
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront, HIT
Connection
keep-alive
Content-Length
31023
X-Served-By
cache-fra-eddf8230124-FRA
Last-Modified
Tue, 09 May 2023 09:06:26 GMT
Server
AmazonS3
X-Timer
S1683837253.853878,VS0,VE0
ETag
"f42b894e197d2128ee7d3b438e0ac56d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
X-Cache-Hits
24985
feed-card-placeholder.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48ebb1624fe4977e9d535d2cc561abd81631ac25049888f53ab342c15e2c98b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
Ort8Su8wdzsyACD8_fIxoPJPaLSTK4CV
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
5VNQENT1DS3CHA4G
age
100
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1314
x-amz-id-2
9WjfwuRWwWXSsnbGwWHJyiI9w4bbzcpGf5C2cXotwpSy1R27AXy//KI0bvDw/YUSUMEeDW5bv9o=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:17 GMT
server
AmazonS3
x-timer
S1683837253.846599,VS0,VE0
etag
"86bd7ac135625064a55f8e6405230ab1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
cta-component.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8f72ee0fb18a8de1ee11d20d81bf2b83c24254df8f11f55fb4e56b78d322327

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
9d6h.mq5JPe7ezOZsm8qS2qtN4Mne1WW
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
DXMRX73QHSTX7F86
age
41
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
4792
x-amz-id-2
pDhgSU2q3daAZevGIXtnLgFGtjBH1y3wPuhKpyotLK5ngDW2a4azmiZeti6kT99/XxDxLJqtalk=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:11 GMT
server
AmazonS3
x-timer
S1683837253.859891,VS0,VE0
etag
"40452a2c318d41be99587539ef9db41e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
userx.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe9a408a74a41daed123477ed0ac0042f6962731de035d3bdebb54e23fda4527

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
uDHbv5QQi52kjqW.ObDgR9fJT_l2Hqz9
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
MTT8WTGWDMYWDD2R
age
21
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
5450
x-amz-id-2
yBBuupwHGO4Ib2vwJ5VaMw4YZtAhtHe5NksUhSsPm7JgWTmAC5ZdFecRRkXVHG7ysMZ6AbQ01NU=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:45 GMT
server
AmazonS3
x-timer
S1683837253.867152,VS0,VE1
etag
"c379189a2558511e754d5b9e31fd7e15"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
20
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
distance-from-article.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
564522bd289cbf39daf5290cb12afd0b813a9c0bbe81e086e76998da2c9b23a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
qsTquIg2RpKqSyYnCCtGJ89pKeLqtV66
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
DXMS6Q1S13QY6PZ8
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1189
x-amz-id-2
UehuJBFuEAWBoCgGsusTn7YoTJSJJR5IgSBhEPVZEZykpFK5Q9jr5RnvAd2CzvUympvycPPi0lU=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:12 GMT
server
AmazonS3
x-timer
S1683837253.867170,VS0,VE0
etag
"6e64b98963d18984f93335d6fb79bd97"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
article-detection.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6322ac057fb2fd7c1d84bfce01197559c6ce6ed543009dc2b5b5ac62cabafa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
EQeZud30A2VdX0ATCj.4C.pSZuC7x4Ei
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
DXMSAKN3JKNF71FT
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1287
x-amz-id-2
Vt5ynuCzaYLtYuWNXHleaMvmnKDZXeoEFCfMcf+J2qZJfU+K7ixSlZc8VUe6CcGBXGcNPvvF0cg=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:06 GMT
server
AmazonS3
x-timer
S1683837253.867175,VS0,VE0
etag
"3d2c2743a11beb633df77b970c714d31"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
share-buttons-detection.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
cdn.taboola.com/libtrc/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/share-buttons-detection.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3ab0fc293f6ed37378c828063216385b51bd9396900f10018cdc38a57e0292e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
ztRu.0ptIAhqq06A0uXP2pnCx_QN25U0
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
T0DJFJPQE13SHT4H
age
8
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
734
x-amz-id-2
ZiJhr5Wo2Y0t9wdrHgdPLcrsO3kFGVCl71Fozji8LiXZCknRHaazeDPEGbSC2hN9ZRxzFTghqDc=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 10 May 2023 06:57:30 GMT
server
AmazonS3
x-timer
S1683837253.867386,VS0,VE1
etag
"c89d7840bec7f5520fb56b9f16b57007"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 11 May 2023 20:34:12 GMT
x-amz-request-id
TVRHNHYBPQ9HMG0X
Age
35
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1758
x-amz-id-2
uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
X-Served-By
cache-fra-eddf8230091-FRA
Last-Modified
Wed, 07 Feb 2018 11:15:52 GMT
Server
AmazonS3
X-Timer
S1683837253.902350,VS0,VE0
ETag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
abp
99
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Cache-Hits
52
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=84&lti=reco-reel-unused-code-remove_var&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1683837252887%7D&tim=20%3A34%3A12.887&id=4827&llvl=2&ri=66841f702c9d9992e7acd436e498a93a&sd=v2_c9a52cb54ecca51a9a29167be84d8305_70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4_1683837252_1683837252_CIi3jgYQ8-NDGOXlleSAMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4&pi=/&wi=-1709852854480885386&pt=home&vi=1683837252325&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=20%3A34%3A12.814&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=9764&cv=20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195&lt=reco-reel-unused-code-remove_var&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13897
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=84&lti=reco-reel-unused-code-remove_var&ri=66841f702c9d9992e7acd436e498a93a&sd=v2_c9a52cb54ecca51a9a29167be84d8305_70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4_1683837252_1683837252_CIi3jgYQ8-NDGOXlleSAMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4&pi=/&wi=-1709852854480885386&pt=home&vi=1683837252325&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1683837252846%7D&tim=20%3A34%3A12.847&id=3254&llvl=2&cv=20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=20%3A34%3A12.878&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=9924&cv=20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195&lt=reco-reel-unused-code-remove_var&idx=pc&pc=split-1&st=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13343
B29577490.362891367;dc_pre=CPrs08qO7v4CFanqEQgd1c4E0g;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CPrs08qO7v4CFanqEQgd1c4E0g;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CPrs08qO7v4CFanqEQgd1c4E0g;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Protocol
H2
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891367;dc_pre=CPrs08qO7v4CFanqEQgd1c4E0g;dc_trk_aid=553660654;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 		33 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=20%3A34%3A12.921&route=AM:AM:V&tvi2=84&lti=reco-reel-unused-code-remove_var&data=%7B%22id%22%3A167%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_c9a52cb54ecca51a9a29167be84d8305_70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4_1683837252_1683837252_CIi3jgYQ8-NDGOXlleSAMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo_5unsoL-6_KlAXAA%22%2C%22ui%22%3A%2270b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4%22%2C%22uifp%22%3A%2270b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4%22%2C%22lbt%22%3A1683796663655%2C%22vi%22%3A1683837252325%2C%22cv%22%3A%2220230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A11316%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3240%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1174.125%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22reco-reel-unused-code-remove_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bbc2786e581a3bd7580ef0d0dd40a4eead8c9c7401839af85e31ea22f95cc92e

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
559
date
Thu, 11 May 2023 20:34:13 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230031-FRA
server
nginx
x-timer
S1683837253.954629,VS0,VE559
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 11 May 2023 20:34:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
356586
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.45.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
285445
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:34:12 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7c5d338f0c423661-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		121 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.127.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-127-242.compute-1.amazonaws.com
Software
/
Resource Hash
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
trace-id
1121345736551902
content-length
121
id
id.crwdcntrl.net/ 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17228
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.163.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.12.107
access-control-allow-credentials
true
content-length
43
expires
0
fpc
at.teads.tv/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:13 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:34:13 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		156 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2636712254797744&correlator=4431204324481576&eid=31074471%2C31074472%2C31074536&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=1664998737%2C3129452513%2C2901372812&didk=1262898173~829756614~610913949&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.38%26hb_adid%3D117e87be09de97b%26hb_bidder%3Dappnexus%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dgeneralsearch.net%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D12273d0dd6208dcd%26hb_bidder%3Dappnexus%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.39%26hb_adid%3D1181c3216d9ba00d%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D800%26wrap_l%3D1000%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26fabrickIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D800%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=0&cookie_enabled=1&abxe=1&dt=1683837253029&lmt=1683837253&dlt=1683837251314&idt=1472&adxs=325%2C436%2C975&adys=487%2C3176%2C487&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x3189%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=984528084.1683837253&ga_sid=1683837253&ga_hid=1638449702&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d23163cec3ffaff234a508d70ad3ad20d0fad41a922d79639ae0eaf59b71af88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33359
x-xss-protection
0
google-lineitem-id
5182757651,-1,5182049940
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138288886489,-1,138366628377
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aeb1571eb0583d914b38dd995eb56112508ae859c6fe5e53a240d2cde15a73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11296
x-xss-protection
0
container.html
a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D497 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:34:13 GMT
expires
Fri, 10 May 2024 20:34:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4c06b2be5b7a071c423721f3654c7b23.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67b81a5483b884523dfc5eeb0358b1e9cdf3054489ee4bc807321fcd0d94786a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
age
936888
edge-cache-tag
333684090993286322378305254364851763090,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
333684090993286322378305254364851763090,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
400
req-referer
https://www.kicker.de/
content-length
11324
x-request-id
e7a85ff2826173a1230cea3118b88a0d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kiad7000121-IAD, cache-lga21974-LGA, cache-iad-kjyo7100146-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 26 Apr 2023 16:52:01 GMT
server
nginx
x-timer
S1683837253.110729,VS0,VE2
etag
"db31a503013305968ee639dbdfcdb239"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
274ee60a7dbd8e31b7cbc18a7efebd55.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/274ee60a7dbd8e31b7cbc18a7efebd55.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b3131a78a372947a287ca52a713f2743e6327fd49308f666c3c7cadf684e36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/274ee60a7dbd8e31b7cbc18a7efebd55.png
age
857037
edge-cache-tag
476965079252760451905579432485647666381,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
476965079252760451905579432485647666381,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
305
req-referer
https://www.cheriefm.fr/actus/claudio-capeo-si-javais-su-en-live-dans-le-reveil-cherie-71439372
content-length
10774
x-request-id
e3eb32119696e914113cf43286f918ad
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100155-IAD, cache-iad-kcgs7200126-IAD, cache-lax10654-LGB, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 28 Apr 2023 08:39:56 GMT
server
nginx
x-timer
S1683837253.111540,VS0,VE1
etag
"3456e48a62870240cd01c4e0903b3587"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 118, 1
42d2e4314f1df04b31a07e2661c16684.png
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f92c342fb7abf81a360832f55d3df80b35b51ee667b7337f2ef9ef519175cf91

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
age
1273855
edge-cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
411
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ktiv.com/2023/01/24/police-shooting-that-killed-2-youth-program-was-targeted/
content-length
12560
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000154-IAD, cache-iad-kiad7000105-IAD, cache-lax10670-LGB, cache-iad-kjyo7100098-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 27 Mar 2023 15:13:17 GMT
server
nginx
x-timer
S1683837253.111235,VS0,VE1
etag
"71b33907647c9b56aacafac2de9f0d46"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40, 1
d668904f79c3916077fdab032952daf4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d668904f79c3916077fdab032952daf4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99cde5144dcc918f1f9fe5195285b022d3fa9f549044ba8f9115bd309f39ee39

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d668904f79c3916077fdab032952daf4.jpg
age
3737289
edge-cache-tag
551469150657039454847186061261245532525,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
551469150657039454847186061261245532525,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/lyon/lyon-un-distributeur-de-billets-attaque-au-gaz-explose-20230421
content-length
12364
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200097-IAD, cache-iad-kcgs7200176-IAD, cache-lax10676-LGB, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 14 Mar 2023 09:02:34 GMT
server
nginx
x-timer
S1683837253.110876,VS0,VE3
etag
"4e9f77f47c26a41409af506f0a82ef4d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 117, 1
e8aabe2707d0eac7a6097b37d491ac5d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8aabe2707d0eac7a6097b37d491ac5d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a36f8a91eae717d981df66f4ccd68786cec5d83de3b21f9378551388cecfcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8aabe2707d0eac7a6097b37d491ac5d.jpg
age
649606
edge-cache-tag
423576344812672374416824775242271061715,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
423576344812672374416824775242271061715,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Fri, 19 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.barrierefreie-immobilie.de/barrierefrei-gestalten/hilfsmittel-fuer-menschen-mit-behinderungen/
content-length
37592
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200088-IAD, cache-iad-kiad7000118-IAD, cache-lga21960-LGA, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 18 Apr 2023 11:22:51 GMT
server
nginx
x-timer
S1683837253.111227,VS0,VE3
etag
"4a8443f4a86f6b3cba230bf54f191f18"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
ce9f89e307e6d25448651c584b1d205e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce9f89e307e6d25448651c584b1d205e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f21a91e571aeff941f70b1bf65d0e933ae90660f880db40f581868bb4cc3d079

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce9f89e307e6d25448651c584b1d205e.png
age
1660127
edge-cache-tag
500607977609983863088430295936907474145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
500607977609983863088430295936907474145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
147
expiration
expiry-date="Tue, 16 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kptv.com/
content-length
16212
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100173-IAD, cache-iad-kiad7000154-IAD, cache-lax10673-LGB, cache-iad-kcgs7200041-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 15 Apr 2023 14:56:26 GMT
server
nginx
x-timer
S1683837253.111276,VS0,VE2
etag
"189b6cbe0030dab9698a71af8e7c687f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 76, 1
9fef421331c09a5478d1522f7ec80cad.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_563,y_360/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_563,y_360/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fef421331c09a5478d1522f7ec80cad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
047e347a8ec91fafaa9b2679f53d0f2ff3bb5a7dec4ff54f1003599652cb3956

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_563,y_360/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fef421331c09a5478d1522f7ec80cad.jpg
age
534814
edge-cache-tag
385631397640094763609587490132949194526,403338610013309140971421673985710352664,29ecf9b93bbf306179626feeda1fab70
cache-tag
385631397640094763609587490132949194526,403338610013309140971421673985710352664,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
369
req-referer
https://flytant.com/
content-length
10828
x-request-id
29eff26129fd148ed0e41cc6c70f79e8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kiad7000130-IAD, cache-chi-kigq8000110-CHI, cache-iad-kcgs7200020-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 05 May 2023 08:07:58 GMT
server
nginx
x-timer
S1683837253.129199,VS0,VE6
etag
"bd0b4d9bcd93101eefc3682a873ac72e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
1345003806__PHHCjQdg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7fd2120b697beb25fb623a3e4388028c34d418ab149779669956e9053bc1c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
age
1406199
edge-cache-tag
569853355107028438804233291619057395727,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
569853355107028438804233291619057395727,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
759
req-referer
https://markets.businessinsider.com/
content-length
7766
x-request-id
7c7d171de5981ddb2cf2a997247acd61
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kiad7000082-IAD, cache-lax10648-LGB, cache-iad-kiad7000061-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 25 Apr 2023 05:13:38 GMT
server
nginx
x-timer
S1683837253.128720,VS0,VE1
etag
"b02217ac8133c56acba022c70c2d8bb1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 11, 1
df3a4ac5ade89f51ecf6bc6df6af4013.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9831b282c3482dac51c808568a1c54d0d135ceacd48e1228cd7559e5b50c1bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
age
2495164
edge-cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wunderground.com/
content-length
11268
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100096-IAD, cache-chi-klot8100116-CHI, cache-iad-kiad7000047-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 27 Mar 2023 08:29:01 GMT
server
nginx
x-timer
S1683837253.128694,VS0,VE3
etag
"f364167b0019b2c4592f1c3b282ecf83"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 0, 36, 1
985137888__hi4xzDAU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d02b8a884a3533a2423cda2af6cde31ac62acae1b8afb87604ea47205fadd84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
age
2238339
edge-cache-tag
294627647531404584068419212342316804301,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
294627647531404584068419212342316804301,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
200
expiration
expiry-date="Tue, 02 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.co.uk/
content-length
9310
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100020-IAD, cache-lax10645-LGB, cache-iad-kcgs7200128-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 01 Apr 2023 07:34:18 GMT
server
nginx
x-timer
S1683837253.173915,VS0,VE1
etag
"a6571608b083c634a26f4abc3ac421ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 15, 1
1345003806__PHHCjQdg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9628677ca7c9da531f5ad0cda5de5cd9670879d2ba0a99f7a29b53ab85cb03e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
age
1783591
edge-cache-tag
569853355107028438804233291619057395727,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
569853355107028438804233291619057395727,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
648
req-referer
https://www.castingshow-news.de/
content-length
7404
x-request-id
878e643e3d128cbe41b02dc00b22b1ea
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000038-IAD, cache-iad-kcgs7200069-IAD, cache-lax10656-LGB, cache-iad-kiad7000101-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 24 Mar 2023 16:54:35 GMT
server
nginx
x-timer
S1683837253.173728,VS0,VE2
etag
"f6fcde37336c9711caea34500870b322"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 20, 1
abec9cd012ed7b5b7c7c88571457b204.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f5b2f50d50334b13c63616588d6fbf517a7ff4d259742693aaafede954f0145

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
age
3918927
edge-cache-tag
295850115356542585480646545745049189932,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
295850115356542585480646545745049189932,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
119
expiration
expiry-date="Fri, 07 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
26166
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000028-IAD, cache-lga21925-LGA, cache-iad-kiad7000091-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 07 Mar 2023 08:17:17 GMT
server
nginx
x-timer
S1683837253.178322,VS0,VE2
etag
"35762d0b9f45a1c29ab84f9a044900e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 3, 1
2bbf2d4653398ce5d1baeaa0c071ad19.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6da7543e40096edd164b32094a1a2fca2a40d50b62f27f34345b0aaa771bf973

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
age
933438
edge-cache-tag
402128883352376495707181058827973994527,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
402128883352376495707181058827973994527,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
350
req-referer
https://www.amarujala.com/
content-length
30326
x-request-id
690ddaa68931db5b4bf96aa164ac2a39
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100119-IAD, cache-iad-kjyo7100145-IAD, cache-lax10625-LGB, cache-iad-kcgs7200050-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 26 Apr 2023 16:51:51 GMT
server
nginx
x-timer
S1683837253.178541,VS0,VE5
etag
"8fa3495ffcdda0521eaac17e13b26d61"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
mvfgvyuf6whpv9figzcf.mp4
cdn.taboola.com/libtrc/static/video/v1678552601/ 		192 KB
192 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1678552601/mvfgvyuf6whpv9figzcf.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab65df6d93c8d3520d4d9be429ed4e0c75efd6cfcc0035264bc0fb4ca602f67b

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
9tQDfaRno9EW5aNaR7WGruYn11MOGxkg
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish
x-amz-request-id
HK4S7SSN9G4WF0SW
age
101
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-196429/196430
x-amz-replication-status
COMPLETED
Content-Length
196430
x-amz-id-2
wha5Mf+Y/J0UP/CktVvUgfebQXqMDaOv9nq5P7ULx+8/Z/L64FraORpGRYJJri/T6aSqbrXmFWs=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Sat, 11 Mar 2023 16:36:46 GMT
server
AmazonS3
x-timer
S1683837253.185096,VS0,VE3
etag
"b74480a0fdcfb6f72f3503cc3c2d073e"
content-type
video/mp4;codecs=avc1
abp
39
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
hourlystat
tempnextstat.bcovery.com/ 		1 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempnextstat.bcovery.com/hourlystat
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
hourlystat
tempnextstat.bcovery.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tempnextstat.bcovery.com/hourlystat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 May 2023 20:34:13 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
57dca8dcf6bbb387a2532c5d179238036d64ab7e0e72d1d5a1c2f1e89d3c3436
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
1345003806__PHHCjQdg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7fd2120b697beb25fb623a3e4388028c34d418ab149779669956e9053bc1c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
age
1406199
edge-cache-tag
569853355107028438804233291619057395727,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
569853355107028438804233291619057395727,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
759
req-referer
https://markets.businessinsider.com/
content-length
7766
x-request-id
7c7d171de5981ddb2cf2a997247acd61
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kiad7000082-IAD, cache-lax10648-LGB, cache-iad-kiad7000061-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 25 Apr 2023 05:13:38 GMT
server
nginx
x-timer
S1683837253.352939,VS0,VE0
etag
"b02217ac8133c56acba022c70c2d8bb1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 11, 2
df3a4ac5ade89f51ecf6bc6df6af4013.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9831b282c3482dac51c808568a1c54d0d135ceacd48e1228cd7559e5b50c1bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df3a4ac5ade89f51ecf6bc6df6af4013.jpg
age
2495164
edge-cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
559446151399961218454964529176607870239,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wunderground.com/
content-length
11268
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100096-IAD, cache-chi-klot8100116-CHI, cache-iad-kiad7000047-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 27 Mar 2023 08:29:01 GMT
server
nginx
x-timer
S1683837253.353042,VS0,VE0
etag
"f364167b0019b2c4592f1c3b282ecf83"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 0, 36, 2
4c06b2be5b7a071c423721f3654c7b23.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67b81a5483b884523dfc5eeb0358b1e9cdf3054489ee4bc807321fcd0d94786a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c06b2be5b7a071c423721f3654c7b23.jpg
age
936888
edge-cache-tag
333684090993286322378305254364851763090,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
333684090993286322378305254364851763090,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
400
req-referer
https://www.kicker.de/
content-length
11324
x-request-id
e7a85ff2826173a1230cea3118b88a0d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kiad7000121-IAD, cache-lga21974-LGA, cache-iad-kjyo7100146-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 26 Apr 2023 16:52:01 GMT
server
nginx
x-timer
S1683837253.353505,VS0,VE0
etag
"db31a503013305968ee639dbdfcdb239"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
274ee60a7dbd8e31b7cbc18a7efebd55.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/274ee60a7dbd8e31b7cbc18a7efebd55.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b3131a78a372947a287ca52a713f2743e6327fd49308f666c3c7cadf684e36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/274ee60a7dbd8e31b7cbc18a7efebd55.png
age
857037
edge-cache-tag
476965079252760451905579432485647666381,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
476965079252760451905579432485647666381,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
305
req-referer
https://www.cheriefm.fr/actus/claudio-capeo-si-javais-su-en-live-dans-le-reveil-cherie-71439372
content-length
10774
x-request-id
e3eb32119696e914113cf43286f918ad
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100155-IAD, cache-iad-kcgs7200126-IAD, cache-lax10654-LGB, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 28 Apr 2023 08:39:56 GMT
server
nginx
x-timer
S1683837253.353513,VS0,VE0
etag
"3456e48a62870240cd01c4e0903b3587"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 118, 2
42d2e4314f1df04b31a07e2661c16684.png
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f92c342fb7abf81a360832f55d3df80b35b51ee667b7337f2ef9ef519175cf91

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_440,y_345/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42d2e4314f1df04b31a07e2661c16684.png
age
1273855
edge-cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
cache-tag
329554471022964489934339313777812508216,401792857564895688362723379235208718627,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
411
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ktiv.com/2023/01/24/police-shooting-that-killed-2-youth-program-was-targeted/
content-length
12560
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000154-IAD, cache-iad-kiad7000105-IAD, cache-lax10670-LGB, cache-iad-kjyo7100098-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 27 Mar 2023 15:13:17 GMT
server
nginx
x-timer
S1683837253.353667,VS0,VE0
etag
"71b33907647c9b56aacafac2de9f0d46"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40, 2
d668904f79c3916077fdab032952daf4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d668904f79c3916077fdab032952daf4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99cde5144dcc918f1f9fe5195285b022d3fa9f549044ba8f9115bd309f39ee39

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d668904f79c3916077fdab032952daf4.jpg
age
3737289
edge-cache-tag
551469150657039454847186061261245532525,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
551469150657039454847186061261245532525,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/lyon/lyon-un-distributeur-de-billets-attaque-au-gaz-explose-20230421
content-length
12364
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200097-IAD, cache-iad-kcgs7200176-IAD, cache-lax10676-LGB, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 14 Mar 2023 09:02:34 GMT
server
nginx
x-timer
S1683837253.355068,VS0,VE0
etag
"4e9f77f47c26a41409af506f0a82ef4d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 117, 2
e8aabe2707d0eac7a6097b37d491ac5d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8aabe2707d0eac7a6097b37d491ac5d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a36f8a91eae717d981df66f4ccd68786cec5d83de3b21f9378551388cecfcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8aabe2707d0eac7a6097b37d491ac5d.jpg
age
649606
edge-cache-tag
423576344812672374416824775242271061715,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
423576344812672374416824775242271061715,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Fri, 19 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.barrierefreie-immobilie.de/barrierefrei-gestalten/hilfsmittel-fuer-menschen-mit-behinderungen/
content-length
37592
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200088-IAD, cache-iad-kiad7000118-IAD, cache-lga21960-LGA, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 18 Apr 2023 11:22:51 GMT
server
nginx
x-timer
S1683837253.414096,VS0,VE0
etag
"4a8443f4a86f6b3cba230bf54f191f18"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
ce9f89e307e6d25448651c584b1d205e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce9f89e307e6d25448651c584b1d205e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f21a91e571aeff941f70b1bf65d0e933ae90660f880db40f581868bb4cc3d079

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce9f89e307e6d25448651c584b1d205e.png
age
1660127
edge-cache-tag
500607977609983863088430295936907474145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
500607977609983863088430295936907474145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
147
expiration
expiry-date="Tue, 16 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kptv.com/
content-length
16212
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100173-IAD, cache-iad-kiad7000154-IAD, cache-lax10673-LGB, cache-iad-kcgs7200041-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 15 Apr 2023 14:56:26 GMT
server
nginx
x-timer
S1683837253.414058,VS0,VE0
etag
"189b6cbe0030dab9698a71af8e7c687f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 76, 2
9fef421331c09a5478d1522f7ec80cad.jpg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_563,y_360/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_563,y_360/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fef421331c09a5478d1522f7ec80cad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
047e347a8ec91fafaa9b2679f53d0f2ff3bb5a7dec4ff54f1003599652cb3956

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_563,y_360/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fef421331c09a5478d1522f7ec80cad.jpg
age
534814
edge-cache-tag
385631397640094763609587490132949194526,403338610013309140971421673985710352664,29ecf9b93bbf306179626feeda1fab70
cache-tag
385631397640094763609587490132949194526,403338610013309140971421673985710352664,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
369
req-referer
https://flytant.com/
content-length
10828
x-request-id
29eff26129fd148ed0e41cc6c70f79e8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kiad7000130-IAD, cache-chi-kigq8000110-CHI, cache-iad-kcgs7200020-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 05 May 2023 08:07:58 GMT
server
nginx
x-timer
S1683837253.414527,VS0,VE0
etag
"bd0b4d9bcd93101eefc3682a873ac72e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=84&lti=reco-reel-unused-code-remove_var&ri=66841f702c9d9992e7acd436e498a93a&sd=v2_c9a52cb54ecca51a9a29167be84d8305_70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4_1683837252_1683837252_CIi3jgYQ8-NDGOXlleSAMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4&pi=/&wi=-1709852854480885386&pt=home&vi=1683837252325&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22296.96875%22%2C%22eventTime%22%3A1683837253391%7D&tim=20%3A34%3A13.391&id=1758&llvl=2&cv=20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 May 2023 20:34:13 GMT
pv
tra.neodatagroup.com/
Redirect Chain
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=33465075845&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@ne...
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=33465075845&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@ne...
232 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.neodatagroup.com/pv?sid=2033&rnd=33465075845&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=fc40e6c7-1841-4298-839d-9b8f733d1722;pubcid;PublisherCommonId&pbs=true&neoid=310190af0de059b
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68d5c13d67b82affc230308bf302228324589cf949a6bbdcb9ce5bf831e60adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:14 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive

Redirect headers

Access-Control-Allow-Origin
*
Location
/pv?sid=2033&rnd=33465075845&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=fc40e6c7-1841-4298-839d-9b8f733d1722;pubcid;PublisherCommonId&pbs=true&neoid=310190af0de059b
Date
Thu, 11 May 2023 20:34:13 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
js
pixel.mathtag.com/sync/
Redirect Chain
  • http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845
Protocol
HTTP/1.1
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown" /
Resource Hash
4d19ab81e7d6227fdeb69c10352b2b755d740d71b0174f71096b5678386ad3e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:14 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1565
Expires
Thu, 11 May 2023 20:34:13 GMT

Redirect headers

Date
Thu, 11 May 2023 20:34:13 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x25 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:34:12 GMT
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=33465075845
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=920203302470529155&rt=img&rnd=33465075845
1 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=920203302470529155&rt=img&rnd=33465075845
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Date
Thu, 11 May 2023 20:34:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
46592e1a-830c-43a8-912d-83372bf82933
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=920203302470529155&rt=img&rnd=33465075845
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=33465075845
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=33465075845&google_gid=CAESELSxod1FwrQQCppvW8lH9Lg&google_cver=1
1 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=33465075845&google_gid=CAESELSxod1FwrQQCppvW8lH9Lg&google_cver=1
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=33465075845&google_gid=CAESELSxod1FwrQQCppvW8lH9Lg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:34:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cms
ups.analytics.yahoo.com/ups/58681/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=33465075845
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=33465075845
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=33465075845
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Thu, 11 May 2023 20:34:13 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=33465075845
content-type
text/html
cache-control
no-store
content-length
367
985137888__hi4xzDAU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d02b8a884a3533a2423cda2af6cde31ac62acae1b8afb87604ea47205fadd84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
age
2238339
edge-cache-tag
294627647531404584068419212342316804301,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
294627647531404584068419212342316804301,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
200
expiration
expiry-date="Tue, 02 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.co.uk/
content-length
9310
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100020-IAD, cache-lax10645-LGB, cache-iad-kcgs7200128-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 01 Apr 2023 07:34:18 GMT
server
nginx
x-timer
S1683837254.613691,VS0,VE0
etag
"a6571608b083c634a26f4abc3ac421ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 15, 2
1345003806__PHHCjQdg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9628677ca7c9da531f5ad0cda5de5cd9670879d2ba0a99f7a29b53ab85cb03e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1345003806__PHHCjQdg.jpg
age
1783591
edge-cache-tag
569853355107028438804233291619057395727,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
569853355107028438804233291619057395727,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
648
req-referer
https://www.castingshow-news.de/
content-length
7404
x-request-id
878e643e3d128cbe41b02dc00b22b1ea
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000038-IAD, cache-iad-kcgs7200069-IAD, cache-lax10656-LGB, cache-iad-kiad7000101-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 24 Mar 2023 16:54:35 GMT
server
nginx
x-timer
S1683837254.613643,VS0,VE0
etag
"f6fcde37336c9711caea34500870b322"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 20, 2
abec9cd012ed7b5b7c7c88571457b204.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f5b2f50d50334b13c63616588d6fbf517a7ff4d259742693aaafede954f0145

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abec9cd012ed7b5b7c7c88571457b204.png
age
3918927
edge-cache-tag
295850115356542585480646545745049189932,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
295850115356542585480646545745049189932,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
119
expiration
expiry-date="Fri, 07 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
26166
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000028-IAD, cache-lga21925-LGA, cache-iad-kiad7000091-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 07 Mar 2023 08:17:17 GMT
server
nginx
x-timer
S1683837254.613655,VS0,VE0
etag
"35762d0b9f45a1c29ab84f9a044900e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 3, 2
2bbf2d4653398ce5d1baeaa0c071ad19.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6da7543e40096edd164b32094a1a2fca2a40d50b62f27f34345b0aaa771bf973

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bbf2d4653398ce5d1baeaa0c071ad19.jpg
age
933438
edge-cache-tag
402128883352376495707181058827973994527,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
402128883352376495707181058827973994527,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
350
req-referer
https://www.amarujala.com/
content-length
30326
x-request-id
690ddaa68931db5b4bf96aa164ac2a39
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100119-IAD, cache-iad-kjyo7100145-IAD, cache-lax10625-LGB, cache-iad-kcgs7200050-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 26 Apr 2023 16:51:51 GMT
server
nginx
x-timer
S1683837254.625504,VS0,VE0
etag
"8fa3495ffcdda0521eaac17e13b26d61"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
st
imprammp.taboola.com/ Frame B2F3 		422 B
624 B 		Document
General
Check archive.org
Download Go to
Full URL
http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1683837253663&uv=3275&tms=1683837253663&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c4ce99fe-8354-4d6f-a0a9-00d79b0874fc&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00b14a5e4ae80b77283603d47e4ea2c2d560fba1be1117b68089594472ad6f28

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 May 2023 20:34:13 GMT
Server
nginx
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230024-FRA
X-Timer
S1683837254.760095,VS0,VE11
transfer-encoding
chunked
sync
am-match.taboola.com/ Frame 2C11 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
80740daf68e1f4b4dee26e9170c65ae4229fcf65bcac16c4e0169f4519127868

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 11 May 2023 20:34:13 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683837253704&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1518&pt=808917872&tz=0&viewable=true&ddast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

X-Cache-Hits
0
Date
Thu, 11 May 2023 20:34:13 GMT
Content-Encoding
gzip
Via
1.1 varnish
MachineId
1452
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-fra-eddf8230049-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1683837254.757588,VS0,VE70
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=31589837&cb=1683837253663&uv=3275&tms=1683837253663&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1683837250965.8!ts:1683837253663&mntl=1
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame CC40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUkZkB2T7karbP5peAIZf0tWstbk9T-LY92T-CjJCFcYREY4rvGU-wf25fa-hXqm43OW0Odh2SDpUs5DN3zWG219Jk_d4kYy0jBQ-_3bSv_7AMGo4wc2yT7KkMYLzSGY9sPa1MBPMESJS9PlCLAFMcOfChBZ6Ah4lQVOWgn5xoi6TBttR0zEKabxWHYb0p6X-nn-jOLgb-x5cVH5f6qCUKB_Dx8BCJzrZduJEF7pGMmg-sLypfRi1LkED5PGBq9edc_uzp3EjYYzar1sekuyi358MuG3Ud0GRGp8pLQKShdKh2TysioQFJHLcmCDPA4FDUAVe2g7JrQdBuKJ0v9pw3aQP--ns&sai=AMfl-YTUTWb5jCfWy93hM6Rpgw1Uzvs-ZLxezkSJ9aFu23LXTbAYdQBrb4tIrehFBVPV6b4Z7SCUk1sNJE-h0vvUy6liqM-CQD-CNmEB7HovwXVyvX_C8GLkVQSn4AEVA6d5zEJGxkgaqzMbtKiUoSY&sig=Cg0ArKJSzLU8ZHqiOektEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:34:14 GMT
nmedianet.js
contextual.media.net/ Frame CC40 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ceec3aa04199149a6578595541ce760e047dfb5118b077b9882559a5fee24837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:34:14 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-jxfb
timing-allow-origin
*
expires
Thu, 11 May 2023 20:39:14 GMT
log
qsearch-a.akamaihd.net/ Frame CC40 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587520&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=3414845726708156214&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=4.3801&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=52&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=160x600&f_seg=&prdp=0.4896&ogcbdp=1.0200&dfpbd=0.4896&server=1&ogerpm_wd_bkt=1-2&vskip=-1&model_version=202305111435_generic_appn_2-cid_1&viewability=0.4500&dmm_r=0.2690&cut=52&dmm_l=0.2690&as_cache=0&tcyerpm=&content_language=&sc=HE&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683837252277&cc=DE&strg=harmony&ss=&video_maxdur=-1&current_hour=20&time_stamp=2023-05-11+20%3A34%3A12&content_network=&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=1.0200&ct=Kassel&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=39351&bdp_bucket=1.00&algo=unison12&dc=eu_be&splid=27587520&dim4=exploration&erpm_mult=1.000000&dn=ultrasurfing.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&dmm_m10=860251&bdp_wider_bucket=2&acid=42c1074756dd4f32a6650a975fa46638&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.4630&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3708700&dmm_m1=2023-05-11+20%3A34%3A12.280153582&e_rpm=0.1980&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.4630&cid=8CUH5EN48&bcrid=424785676&rawbid=1.0200&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-rtk7d.BE&dfp_bucket=0.4&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=3117783808&advurl=generalsearch.net%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=50&gpid=27587520&iwb=1&dmm_d22=0.07&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=1.02
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.241.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:34:14 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame CC40 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:34:14 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:34:14 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame CC40 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1338715
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230070-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683837254.149248,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1435819
it
fra1-ib.adnxs.com/ Frame CC40 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fultrasurfing.com%252F&e=wqT_3QK7BOg7AgAAAwDWAAUBCMSi9aIGEMmvsOb2oe6KHxgAKjYJXI_C9Shc3z8RLv8h_fZ12D8ZAAAAoEfhyj8hLg0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUIzuxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvS4AZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AL2_1vqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDM0MTQ4NDU3MjY3MDgxNTYyMTRfc2JpZBoTMjIzOTg5OTg2NTU4NzY1MjU1MyIJNDI0Nzg1Njc2KgVNMTE3M8ADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjSoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIzuxsoBiAUBmAUAoAW2js25iIP-sS_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=520d4908eb154447bdc2a64edb364f7c3c4983b7
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:14 GMT
AN-X-Request-Uuid
4627b672-93a0-4416-8e85-a4192cbd1608
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC40 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:34:14 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame D978 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
264228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D978 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
264228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D978 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
264228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D978 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
264228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D978 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
264228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
css
fonts.googleapis.com/ Frame D978 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 20:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 20:31:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 20:34:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul1WmtdS086mlkQPDlozwkKwfSTFfLOPp9eRge0oWpcuiN9DeGZoxxArDh-l0zD2iXhE3hassVy5i4k8QzIWnQEnMzgTTh-lCp_FcG7Ea-9MY5KMZCHOiGYl84ubGR7PB3G-9i9N6Fe-MZ6BteZh-Nu1N1_19FHooWa16-Qd7vDTUl7SwbuLGFADb4QEoOmubRlhV-jJnjzltJpOs_WNewL-NGo5XoPIY7rWfjYRCLBRLH1SDIRU04UIIc7lonKUcXeeZtAIfWlLnAXOYMa5bJH9lie670SPrDPMv9u5l-7glu_U6-kv2OFtrt7jcLF-3Ux1xESIjOEqV0mpqkEoDK&sai=AMfl-YR470JuQEk57XTlTtWRmXkUM2Z69bhYXp0MtYWZBpzaYrKO1u7ztzju8pLb04hijqtJpZ7mYvgXcAKWPSvniQB0SS8xLrzrU-Yh-gwzXfuyDu_JvrQqsVXWf5zineF77iNmn8G0mLIJf48q3VU&sig=Cg0ArKJSzN7CZho9lVh8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame 4B6C 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d74a4e252e1059a11ff1392a9e260f29593eb1ceca0d42e1c1f5fa0894eae717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:34:14 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-jxfb
timing-allow-origin
*
expires
Thu, 11 May 2023 20:39:14 GMT
log
qsearch-a.akamaihd.net/ Frame 4B6C 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587518&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=3414845726708156214&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=300x250&f_seg=&prdp=0.5007&ogcbdp=0.8300&dfpbd=0.5007&server=1&ogerpm_wd_bkt=0-1&vskip=-1&viewability=0.5700&dmm_r=0.2640&cut=40&dmm_l=0.2640&tcyerpm=&content_language=&sc=HE&send_erpm=true&sd=0&hb_exp=&seg=&dmm_m4=1.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683837252277&cc=DE&strg=exploratory&ss=&video_maxdur=-1&current_hour=20&time_stamp=2023-05-11+20%3A34%3A12&content_network=&rvshhon=&bdp=0.8300&ct=Kassel&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=39351&bdp_bucket=0.80&algo=mrg-4.0&dc=eu_be&splid=27587518&dim4=bid_multiplier_used&dn=ultrasurfing.com&ad_position=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=53a822b1f0bc4a47a869b1fbc08b6348&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.4900&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3205790&dmm_m1=2023-05-11+20%3A34%3A12.280522103&e_rpm=0.2050&dmm_m22=0.0000&gdpr=&vsid=&log_less=true&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.4900&cid=8CUH5EN48&bcrid=424785015&rawbid=0.8300&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-rtk7d.BE&dfp_bucket=0.5&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=3117783808&advurl=generalsearch.net%2F&crid=101633514&sat=1&br_id=265&cut_bkt=40&gpid=27587518&iwb=1&dmm_d22=0.07&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=0.83
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.241.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:34:14 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 4B6C 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:34:14 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:34:14 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 4B6C 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1338715
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230070-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683837254.469900,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1435820
it
fra1-ib.adnxs.com/ Frame 4B6C 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fultrasurfing.com%252F&e=wqT_3QK7BOg7AgAAAwDWAAUBCMSi9aIGEMW_mtn_lb_eSxgAKjYJ1XjpJjEI4D8RipP7HYoC2T8ZAAAAwPUozD8hig0SACkRJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgUPfoxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvS4AZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AK1-1zqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDM0MTQ4NDU3MjY3MDgxNTYyMTRfc2JpZBoTNTQ1NzUxNDY4MTIyOTI4NzM2NSIJNDI0Nzg1MDE1KgVNMTE3M8ADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjSoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPfoxsoBiAUBmAUAoAW2js25iIP-sS_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=e01690485c76908aa50341e2ffc9788d0b015bc4
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:14 GMT
AN-X-Request-Uuid
83afbc5c-bc76-4465-b674-ed769909ef9f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B6C 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:34:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D978 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 08:26:03 GMT
x-content-type-options
nosniff
server
cafe
age
43691
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 12 May 2023 08:26:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D978 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 11:14:15 GMT
x-content-type-options
nosniff
server
cafe
age
33599
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 12 May 2023 11:14:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D978 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc0PHRVFdZIeNCK-V7_UPq6yz8AXLif3CcNyYp9eoEdnZHhABIIb3hiZgleKQgqAHoAG24Oy6A8gBAeACAKgDAcgDCqoEmgJP0ImckmwPK95hKU_IQrr2RFH8Tr7hFK3a6SWe96PZPA6YzqXY007xMFMz2_xp14wKfECzC9dn52wUb-KhUxp-Uqt8dvIoxcm-AxFjDMh8zR0Dv5O-Ra2174AWKn09wYaxHgLzlt9udZGtHkXPsUG_Ly7mIiOwovndCOvgsUeCpuYiDVLSFMrZewVF9G1GtWGTOPAHKJH6lueYOc82TzysaCiHlAKMUyKSNgsW6_D0sdHnc3Nzdi1m13B6zJn3upGkshRUBd8TgioL3aHloYJ-Q2gW0UfVh8gaOA4XoGu8xUxB4c34h2_lMjixd8YEkVFsxtQ1_eNv-pl302q7Z62Jxmpn3za6syGSit6lJIpU1vG7mNLq3URQRazABLP4z6OoBOAEAZIFBAgEGAGSBQQIBRgEgAeyn5NFqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQo64F0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTAogUAtAVAYAXAbIXHgocCAASFHB1Yi04NTg2MjY1MDExNjI0MTA3GIHUHA&sigh=LJduMqJpFkc&uach_m=[UACH]&cid=CAQSSwBygQiDy0SGsrBN7F6lNEQuX613ji9_Ibqs_l0fi1sMw6qkElTlenXaTRFfGuk-GJ4YG2bE9M78PrcUAbhS50WXL8SVIZP35lvlaxgB
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
truncated
/ Frame D978 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f44586d889797db034c2d2358726f8032fa570a850a086a20d683b837b6560c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
579.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
6b7b5160edafc088498a26597d7800cf100ea42cd3a12fb8e37cfcfa54e7a68b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame B2F3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1683837253663&uv=3275&tms=1683837253663&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c4ce99fe-8354-4d6f-a0a9-00d79b0874fc&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B2F3 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1683837253663&uv=3275&tms=1683837253663&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c4ce99fe-8354-4d6f-a0a9-00d79b0874fc&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
sync
x.bidswitch.net/ Frame B2F3 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1683837253663&uv=3275&tms=1683837253663&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c4ce99fe-8354-4d6f-a0a9-00d79b0874fc&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.235.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-235-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 2C11 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2C11 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 2C11 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&tvi2=84&lti=reco-reel-unused-code-remove_var&ri=b0cacacaaf14148a969eb2928c7c5548&sd=v2_c9a52cb54ecca51a9a29167be84d8305_70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4_1683837252_1683837252_CIi3jgYQ8-NDGOXlleSAMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4&pi=/&wi=-1709852854480885386&pt=home&vi=1683837252325&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1683837254231%7D&tim=20%3A34%3A14.231&id=6212&llvl=2&cv=20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
3ead58e12674808f12e79b256560081a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab5a5efb74050059bb5fffb479cfcaeb3b33eee913543e0512a8f4a7bdcc2cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
age
2385025
edge-cache-tag
381627698217469947099100280957135315376,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
381627698217469947099100280957135315376,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
190
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/meinungen/kanada-kernkraft-saubere-energie-volkswagen-trudeau/
content-length
66644
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kjyo7100177-IAD, cache-lax10642-LGB, cache-iad-kjyo7100172-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 23 Mar 2023 20:18:02 GMT
server
nginx
x-timer
S1683837255.530328,VS0,VE2
etag
"64c4608fa2a04e71dc6279734acad829"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
d5702aaceaf73790705d5a69ad0e15d5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5702aaceaf73790705d5a69ad0e15d5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fe29c8d20e555a4ec3981a24a9c7161ba0f6b09c00ba97bc4fa747de7d4327a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5702aaceaf73790705d5a69ad0e15d5.jpg
age
269349
edge-cache-tag
516654095969218340446411391901730686240,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
516654095969218340446411391901730686240,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
473
req-referer
https://www.live5news.com/
content-length
5084
x-request-id
a0037f2fa7df2a8f7505eb5d53488b33
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kjyo7100108-IAD, cache-lax10673-LGB, cache-iad-kcgs7200029-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 05 May 2023 07:12:39 GMT
server
nginx
x-timer
S1683837255.530432,VS0,VE1
etag
"04a2d10b5e4491894e7d45a593927f19"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
e00192d1ef454529f7e205e0412a6dff.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e00192d1ef454529f7e205e0412a6dff.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50ac7f22b51e7f975fc7c9ccbc24227fa77733b877c2e66fe0a95792bce2983d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e00192d1ef454529f7e205e0412a6dff.png
age
2026550
edge-cache-tag
602072104652827969040584637690858742521,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
602072104652827969040584637690858742521,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
498
req-referer
https://www.index.hr/mobile/sport/clanak/turci-o-bjelici-detalj-s-gvardiolom-u-dinamu-je-pokazao-njegovu-najvazniju-kvalitetu/2455970.aspx?index_tid=344583&index_ref=naslovnica_sport_prva_m
content-length
6032
x-request-id
522b306544050b8ebb129aeb364e9da0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kcgs7200171-IAD, cache-lax10635-LGB, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 17 Apr 2023 09:59:13 GMT
server
nginx
x-timer
S1683837255.549233,VS0,VE2
etag
"dc76cfbb52b8c5f7830ee24266b550a2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f77ab9caba51216bcfa68403730f8c2b0b3426f78aa83a7b10287d7fa708176

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
2017647
edge-cache-tag
614864820090109347195755692061116706336,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
328
expiration
expiry-date="Tue, 02 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oggi.it/video/gossip/2018/03/29/cristina-buccino-va-fuori-di-seno-guarda-il-video-dellincidente-sexy-nel-backstage/
content-length
81340
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kcgs7200178-IAD, cache-lax10662-LGB, cache-iad-kiad7000043-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 01 Apr 2023 20:14:01 GMT
server
nginx
x-timer
S1683837255.548828,VS0,VE3
etag
"034c9b53ed495d4a1fa3a3947dcc3e2e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 32, 1
bda760b64ab82983a76e3d8dd8d17181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bda760b64ab82983a76e3d8dd8d17181.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ae7673c07b432af8a15f755fc93fa4b92c7a4202bfd6fc85b086885fa4973622

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bda760b64ab82983a76e3d8dd8d17181.jpg
age
275187
edge-cache-tag
470035049209276474154204871449584559978,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
470035049209276474154204871449584559978,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
324
req-referer
https://sports.walla.co.il/
content-length
9614
x-request-id
5f7c22fc83d866d1ea115a7645541474
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kjyo7100023-IAD, cache-chi-kigq8000079-CHI, cache-iad-kiad7000117-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 05 May 2023 07:11:46 GMT
server
nginx
x-timer
S1683837255.550342,VS0,VE1
etag
"bc4bb5a8767d34f5ba67cae3efa518c7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
7e40e84839e776e4587b7f433a6e051a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e40e84839e776e4587b7f433a6e051a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6e9c40bcb1a03b5748a36ee6be4324ebf6eec01c011db36c99f447b789c1e8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e40e84839e776e4587b7f433a6e051a.jpg
age
630844
edge-cache-tag
606050701736552535987664751553408334933,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
606050701736552535987664751553408334933,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
137
expiration
expiry-date="Sun, 21 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newschannel10.com/
content-length
5012
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kjyo7100159-IAD, cache-chi-kigq8000023-CHI, cache-iad-kiad7000171-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 20 Apr 2023 02:37:22 GMT
server
nginx
x-timer
S1683837255.550802,VS0,VE2
etag
"a75657117bd5ff904319bc0d8060d2c9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 1
d5188b71c01c6e96f87b36b1282b6aa3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e31e19bcf1d1ad6075e43816f250b814cd4bafde0510de88d930d24b196accc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
age
2090003
edge-cache-tag
425481553482210613476636665782714446727,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
425481553482210613476636665782714446727,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
153
expiration
expiry-date="Sat, 13 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nbcnews.com/
content-length
60816
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100038-IAD, cache-iad-kiad7000103-IAD, cache-lax10669-LGB, cache-iad-kcgs7200083-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 12 Apr 2023 08:43:13 GMT
server
nginx
x-timer
S1683837255.550922,VS0,VE1
etag
"a2ecb02e80bf6523eea5c29637089d3e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 15, 1
5e53b7339d233d862ef1982ce507c523.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e53b7339d233d862ef1982ce507c523.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a39d0ddefb193b5bb0551b127febb9461672197e195b7ccf9aed8b465580eaf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e53b7339d233d862ef1982ce507c523.jpg
age
2570246
edge-cache-tag
352306561920397752251496609051597209879,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
352306561920397752251496609051597209879,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
62
expiration
expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/wintersport/biathlon/2023/04/biathlon-rucktritt-nach-rauswurfs-schock-konkurrenzkampf-bei-den-norwegern-fordert-tribut
content-length
9974
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000120-IAD, cache-iad-kiad7000079-IAD, cache-lax10623-LGB, cache-iad-kiad7000110-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 21 Mar 2023 15:28:28 GMT
server
nginx
x-timer
S1683837255.616155,VS0,VE2
etag
"cc556eb445caf16a097c64cd541ee637"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 17, 1
fdba25995d4800218a9729162f24587f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdba25995d4800218a9729162f24587f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f8cc133b23963951a3967fd8d159a5dc7abc5c9778d027d5b7da05f284cb97c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdba25995d4800218a9729162f24587f.png
age
1413982
edge-cache-tag
340158077641822164212244268459042081757,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
340158077641822164212244268459042081757,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
445
req-referer
https://www.oe24.at/
content-length
17132
x-request-id
ec90c8d9f7702bc9b16bb091256cbabc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200088-IAD, cache-iad-kiad7000046-IAD, cache-chi-kigq8000102-CHI, cache-iad-kiad7000115-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 25 Apr 2023 09:02:35 GMT
server
nginx
x-timer
S1683837255.621385,VS0,VE1
etag
"d8ba745cd38b437b681cff7544e7a590"
x-ratelimit-remaining
99
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 405, 1
10741ea058f151b67db4230bafbe812d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
381f1a1f0167a6aae2158545e29b1fd018e0d77ccb6acc2af86d4b1f0feb79d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
age
40479
edge-cache-tag
630794942868811789712213737048539066062,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
630794942868811789712213737048539066062,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
187
req-referer
https://www.pcgamer.com/
content-length
42312
x-request-id
a2573690777aa3a9f4560f09b93a8475
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100176-IAD, cache-iad-kjyo7100091-IAD, cache-chi-klot8100088-CHI, cache-iad-kiad7000100-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 11 May 2023 06:39:08 GMT
server
nginx
x-timer
S1683837255.621577,VS0,VE2
etag
"71408ab62bbbc35cd611114abcbb25ad"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
4326c4cf030ce4e4f3a13d56da13ce2b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4326c4cf030ce4e4f3a13d56da13ce2b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f6a1daab5bd5eece66cb47c368879454d07f309076d7ef81174b839b6727414

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4326c4cf030ce4e4f3a13d56da13ce2b.jpg
age
1739357
edge-cache-tag
416629500683766219235485456296007415945,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
416629500683766219235485456296007415945,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
188
expiration
expiry-date="Sun, 30 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://rezepte24.eu/
content-length
23078
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kiad7000037-IAD, cache-chi-kigq8000030-CHI, cache-iad-kiad7000144-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 30 Mar 2023 16:03:29 GMT
server
nginx
x-timer
S1683837255.624741,VS0,VE1
etag
"e8ba0f8006b43f2f0e1f32cc07c84b43"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
e5f79433ce99370f1659b5efab0b0400.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5f79433ce99370f1659b5efab0b0400.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e55cd3cd9f6482e766364d3c2e50de3508709dd5832e267f9ae80806938b000a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5f79433ce99370f1659b5efab0b0400.jpg
age
2243392
edge-cache-tag
596935233587229096856104471190582616458,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
cache-tag
596935233587229096856104471190582616458,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
437
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.liputan6.com/
content-length
36514
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000102-IAD, cache-iad-kiad7000041-IAD, cache-lax10667-LGB, cache-iad-kjyo7100171-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 03 Apr 2023 19:00:04 GMT
server
nginx
x-timer
S1683837255.624840,VS0,VE0
etag
"b44a4b6276555d2f3fb68b8b296f15dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 85, 16
gettyimages-476846276.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1636382840751/content/gallery/freenet/unterhaltung/wi... 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1636382840751/content/gallery/freenet/unterhaltung/witze/2021/06/03/pictures/gettyimages-476846276.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99207a6dba899f1022d366c5f82f4d46ad0201804b792f9982b0a02d850a81f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1636382840751/content/gallery/freenet/unterhaltung/witze/2021/06/03/pictures/gettyimages-476846276.jpeg
age
2501694
edge-cache-tag
581029778774014878463945528932129266347,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
581029778774014878463945528932129266347,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
931
expiration
expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://auto-motor-seite.de/
content-length
20506
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100111-IAD, cache-iad-kcgs7200130-IAD, cache-lga21926-LGA, cache-iad-kiad7000045-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 15 Mar 2023 18:45:53 GMT
server
nginx
x-timer
S1683837255.636895,VS0,VE1
etag
"503e8a7010aaabaff081d594ce864eb7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 1
2bdc96dc252e2335c16cb908c3721cd7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bdc96dc252e2335c16cb908c3721cd7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
135d83e67c4f18083b3b08d487756caac6722b78b507f63bc663b3301f32b670

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bdc96dc252e2335c16cb908c3721cd7.jpg
age
3665224
edge-cache-tag
411825573420123745872120017173843553470,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
411825573420123745872120017173843553470,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Sat, 08 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://editorsnation.com/
content-length
25688
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kiad7000150-IAD, cache-lax10658-LGB, cache-iad-kjyo7100028-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 08 Mar 2023 09:49:08 GMT
server
nginx
x-timer
S1683837255.654283,VS0,VE0
etag
"f3abb849fd639d5bc345068ec38d9181"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 6, 1424
bulk
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?tvi2=84&route=AM%3AAM%3AV&lti=reco-reel-unused-code-remove_var&bulkSize=14
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230031-FRA
server
nginx
x-timer
S1683837254.358157,VS0,VE12
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=84&route=AM%3AAM%3AV&lti=reco-reel-unused-code-remove_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230031-FRA
server
nginx
x-timer
S1683837254.364234,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?tvi2=84&route=AM%3AAM%3AV&lti=reco-reel-unused-code-remove_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230031-FRA
server
nginx
x-timer
S1683837254.364624,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
va8blztywio1or9ynqx5.mp4
cdn.taboola.com/libtrc/static/video/v1681386696/ 		750 KB
751 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681386696/va8blztywio1or9ynqx5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c6a9ccc522188d4745ca6d4ff809131467bcad0e3c925085b71960e9771ac45

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
q8kJm8crMjQLngWyiJTDN_ZOEC9YYUNe
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish
x-amz-request-id
F4S9H2GH2HSEYPS5
age
115
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-768361/768362
x-amz-replication-status
COMPLETED
Content-Length
768362
x-amz-id-2
MqYaJy0pPqbbrzOsamMv4W7SMW1KTMaID2OaU97dk8IQVlU7RxWsZ+RiRLCYJia+HkzNpbI3kaQ=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Thu, 13 Apr 2023 11:51:46 GMT
server
AmazonS3
x-timer
S1683837254.385305,VS0,VE1
etag
"c84efd6e185e0397c0d3a079e5f0dc6f"
content-type
video/mp4;codecs=avc1
abp
73
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
p5x40tl1x1yzemjbxmzq.mp4
cdn.taboola.com/libtrc/static/video/v1681117575/ 		376 KB
376 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681117575/p5x40tl1x1yzemjbxmzq.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23632e7b14909669606c1fcb4918fd150bb663961b99e010615918a39d6bd1a2

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
rSvE8Cg9Ziu0ZSqbUFpteg_rMrDfRMBf
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish
x-amz-request-id
PQ43SW3K5DYA99PB
age
24
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-384770/384771
x-amz-replication-status
COMPLETED
Content-Length
384771
x-amz-id-2
7lGnguVz9N4HcAutmhSQuTTKjmM6ISNs+82+3Z/dMP+JcjX6A47KNPU4idMi5u2nVxEVTjFaegA=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Mon, 10 Apr 2023 09:06:24 GMT
server
AmazonS3
x-timer
S1683837254.385274,VS0,VE2
etag
"50d994b3362226a396020644c40fea9a"
content-type
video/mp4;codecs=avc1
abp
63
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_7_5/infra/ 		889 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d

Request headers

Referer
http://ultrasurfing.com/
Origin
http://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683645077
Date
Thu, 11 May 2023 20:34:14 GMT
Via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
191614
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1683645078
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
200195
X-Served-By
cache-fra-eddf8230038-FRA
Last-Modified
Tue, 09 May 2023 15:11:19 GMT
Server
AmazonS3
X-Timer
S1683837255.672712,VS0,VE0
ETag
"f0c45468d729788adab04c7c774f6382"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
A_BYf7xjbn9f-7SxsofEkeCgC6eFyTt9MFkYiYmPSZWRa-Pu_76yxg==
X-Cache-Hits
1729
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_5/assets/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/vpaid/units/32_7_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683645113
Date
Thu, 11 May 2023 20:34:14 GMT
Via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
192100
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1683645114
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
9098
X-Served-By
cache-fra-eddf8230124-FRA
Last-Modified
Tue, 09 May 2023 15:11:55 GMT
Server
AmazonS3
X-Timer
S1683837254.392338,VS0,VE0
ETag
"61cb141147e307fd87ad58965536cba5"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
text/css
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
GCWOG94wCi8XX15_7jM_XXKXPkjrshNHFZgrjHY7UwtoBCxvdJuNPw==
X-Cache-Hits
32669
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B6A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 19:10:58 GMT
expires
Fri, 10 May 2024 19:10:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 12A0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f09dffd34fa1f5e0b6ee3573fe7ec4ab2aaaf2974252f14cfa7a35bf6be74729
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tsa0yBAEdfEOKkI5Heshyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Tsa0yBAEdfEOKkI5Heshyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:34:14 GMT
expires
Thu, 11 May 2023 20:34:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame E4E0 		72 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254136309246&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=938462888&size=160x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26e2ab941160a7e8244df2de1737a97747fd85f3385f1a1257d632cb89c16954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25904
content-type
text/html
date
Thu, 11 May 2023 20:34:14 GMT
expires
Thu, 11 May 2023 20:34:14 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-chwq
checksync.php
contextual.media.net/ Frame 8ABA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:34:14 GMT
expires
Sat, 13 May 2023 20:34:14 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame CC40 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1943&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=938462888&vi=1683837254136309246&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785070&r=1683837254448&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&ssld=%7B%22QQ8E%22%3A%22uWX.fuA.uXX.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22q4%22%2C%22QQN75%22%3A%22C1QQJj%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1683837254124398175&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p11440520134t202305112034&vgd_pgids=1&vgd_uspa=0&hvsid=00001683837254439031177838087894&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:34:14 GMT
checksync.php
contextual.media.net/ Frame AC69 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:34:14 GMT
expires
Sat, 13 May 2023 20:34:14 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame CC40 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4549&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=3414845726708156214&vid=3414845726708156214&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=HE&ct=Kassel&zip=34125&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-rtk7d.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=39351&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=37.252.171.139&s_city=frankfurt+am+main&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=35&pvid=462&prvAccId=938462888&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=41501114786260_1935967329_10163351414621&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=1.020&cbdp=0.490&og_cbdp=1.020&ogbdp=1.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.490&dt=O&dbf=1&epc=938462888&s=1&snm=SUCCESS&pcrid=8CU62MU8E-938462888-19-2&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=45&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683837252277&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785676&strg=HARMONY&stagid=27587520&vls=0&scrid=424785676&mang=1&pvdTmax=109&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587520&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587520&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=42c1074756dd4f32a6650a975fa46638&rtime=15.0&wsip=mowx-7d6f88db94-5ccv6&ltime=25.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=2239899865587652553&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587520&insl=0&mowxReqId=42c1074756dd4f32a6650a975fa46638_1&ecp=0.21&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587520&supplyTagId=27587520&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=26&debug_ts=2023-05-11+20%3A34%3A12&__expireat=1683837852534&mview=1&rme=adm&bdata=~bx_len%3D956~bid%3D1.020~bx_asn%3D39351~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010010~bx_size%3D160x600~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DKASSEL~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D30~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.07~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D2~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.073~dmm_m1%3D0.198~dmm_m10%3D1.000~dmm_m11%3D0.980~dmm_m12%3D0.463~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.996~dmm_m16%3D0.205~dmm_m2%3D0.158~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D6~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D171.000~dmm_m36%3D171.000~dmm_m39%3D187.000~dmm_m40%3D187.000~dmm_m43%3D0.345~dmm_m5%3D1.000~dmm_m51%3D171.000~dmm_m52%3D0.453~dmm_m6%3D1.000~dmm_m7%3D0.463~dmm_m9%3D1.000~dmm_r%3D0.269~e_rpm%3D0.198~erpm%3D0.198~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D185.213.155.0~r_sc%3DHE~rbo%3D5_3~seller_tag_id%3D27587520~std%3D27587520~visibility%3D1~supply_tag_id%3D27587520%7Eviewability%3D0.452681%7Ecbdp%3D1.020%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D1.020%7Eitype_id%3D16%7Eseller_tag_id%3D27587520%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D1-2~ibc%3D1~&utime=2208&sf=0&cpr=0.26917648508762704
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:34:14 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date
Thu, 11 May 2023 20:34:14 GMT
Via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
Age
22082
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
X-Served-By
cache-fra-eddf8230091-FRA
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1683837255.618271,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type
image/png
abp
39
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
8752
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 82BE 		68 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254670197827&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=434553236&size=300x250&cc=DE&sc=HE&chnm=EXPLORATORY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
675cd2113004b1b2ac3202cd9348583957f9ca63293d91a1211ae2f2b7d05254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
24997
content-type
text/html
date
Thu, 11 May 2023 20:34:14 GMT
expires
Thu, 11 May 2023 20:34:14 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-vw6m
checksync.php
contextual.media.net/ Frame FEF6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:34:14 GMT
expires
Sat, 13 May 2023 20:34:14 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 4B6C 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1922&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=434553236&vi=1683837254670197827&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785070&r=1683837254553&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22uWX.fuA.uXX.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22q4%22%2C%22QQN75%22%3A%22C1QQJj%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1683837254150484798&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p11440520134t202305112034&vgd_pgids=3&vgd_uspa=0&hvsid=00001683837254536031177838081953&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Thu, 11 May 2023 20:34:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:34:14 GMT
checksync.php
contextual.media.net/ Frame 3CD7 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:34:14 GMT
expires
Sat, 13 May 2023 20:34:14 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 4B6C 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4552&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=3414845726708156214&vid=3414845726708156214&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=HE&ct=Kassel&zip=34125&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-rtk7d.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=39351&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=37.252.171.139&s_city=frankfurt+am+main&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=35&pvid=462&prvAccId=434553236&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=32316977377142_1308271930_10163351434621&reqsize=300x250&size=300x250&chnl=EXPLORATORY&bdp=0.830&cbdp=0.501&og_cbdp=0.830&ogbdp=0.83&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.501&dt=O&dbf=1&epc=434553236&s=1&snm=SUCCESS&pcrid=8CU62MU8E-434553236-19-26&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=57&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683837252277&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785015&strg=EXPLORATORY&stagid=27587518&vls=0&scrid=424785015&mang=1&pvdTmax=109&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587518&mx_tgs=120x600%7C160x600%7C300x250%7C300x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587518&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=53a822b1f0bc4a47a869b1fbc08b6348&rtime=15.0&wsip=mowx-7d6f88db94-mg9hg&ltime=25.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=5457514681229287365&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587518&insl=0&mowxReqId=53a822b1f0bc4a47a869b1fbc08b6348_1&ecp=0.22&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587518&supplyTagId=27587518&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=27&debug_ts=2023-05-11+20%3A34%3A12&__expireat=1683837852534&mview=1&rme=adm&bdata=~bx_len%3D932~bid%3D0.830~bx_asn%3D39351~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010001~bx_size%3D300x250~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DKASSEL~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D50~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.07~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D2~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.078~dmm_m1%3D0.205~dmm_m10%3D1.000~dmm_m11%3D0.772~dmm_m12%3D0.490~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.030~dmm_m16%3D0.264~dmm_m2%3D0.158~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D171.000~dmm_m36%3D171.000~dmm_m39%3D187.000~dmm_m40%3D187.000~dmm_m5%3D1.000~dmm_m51%3D171.000~dmm_m52%3D0.565~dmm_m6%3D1.000~dmm_m7%3D0.490~dmm_m9%3D1.000~dmm_r%3D0.264~e_rpm%3D0.205~erpm%3D0.205~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D185.213.155.0~r_sc%3DHE~rbo%3D5_3~seller_tag_id%3D27587518~std%3D27587518~visibility%3D1~supply_tag_id%3D27587518%7Eviewability%3D0.565079%7Ecbdp%3D0.830%7Edmm%3Dexploratory%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Dmrg-4.0%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D0.830%7Eitype_id%3D16%7Eseller_tag_id%3D27587518%7EcarrierId%3D0%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~&utime=2314&sf=0&cpr=0.3206422818149399
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:14 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:34:14 GMT
/
www.youronlinechoices.com/wp-content/plugins/optout/callback/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=H59YMWuxBInkdbg2AFxU7Nn6Zhg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.85.112.191 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rd_log
fra1-ib.adnxs.com/ Frame CC40 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QL6A-j6AQAAAwDWAAUBCMSi9aIGEMmvsOb2oe6KHxgAKjYJXI_C9Shc3z8RLv8h_fZ12D8ZAAAAoEfhyj8hLg0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUIzuxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvQgAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AL2_1vqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASM7sbKAYgFAZgFAKAFto7NuYiD_rEvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAANOwEBbBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkBIAEBASQM2gcGCAUJaOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=84e2780c31fa55903bfb70957dd4f1fcc59152d1&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:14 GMT
AN-X-Request-Uuid
92ca74b0-3c6a-45cd-a2ab-0db6c2d2c1b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rd_log
fra1-ib.adnxs.com/ Frame 4B6C 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QL6A-j6AQAAAwDWAAUBCMSi9aIGEMmvsOb2oe6KHxgAKjYJXI_C9Shc3z8RLv8h_fZ12D8ZAAAAoEfhyj8hLg0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUIzuxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvQgAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AL2_1vqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO7ojbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASM7sbKAYgFAZgFAKAFto7NuYiD_rEvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAANOwEBbBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkBIAEBASQM2gcGCAUJaOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=84e2780c31fa55903bfb70957dd4f1fcc59152d1&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:14 GMT
AN-X-Request-Uuid
a5e15a15-6609-4ac5-bd32-bea70d745b5d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
3ead58e12674808f12e79b256560081a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab5a5efb74050059bb5fffb479cfcaeb3b33eee913543e0512a8f4a7bdcc2cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
age
2385025
edge-cache-tag
381627698217469947099100280957135315376,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
381627698217469947099100280957135315376,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
190
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/meinungen/kanada-kernkraft-saubere-energie-volkswagen-trudeau/
content-length
66644
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kjyo7100177-IAD, cache-lax10642-LGB, cache-iad-kjyo7100172-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 23 Mar 2023 20:18:02 GMT
server
nginx
x-timer
S1683837255.819484,VS0,VE0
etag
"64c4608fa2a04e71dc6279734acad829"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
d5702aaceaf73790705d5a69ad0e15d5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5702aaceaf73790705d5a69ad0e15d5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fe29c8d20e555a4ec3981a24a9c7161ba0f6b09c00ba97bc4fa747de7d4327a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5702aaceaf73790705d5a69ad0e15d5.jpg
age
269349
edge-cache-tag
516654095969218340446411391901730686240,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
516654095969218340446411391901730686240,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
473
req-referer
https://www.live5news.com/
content-length
5084
x-request-id
a0037f2fa7df2a8f7505eb5d53488b33
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kjyo7100108-IAD, cache-lax10673-LGB, cache-iad-kcgs7200029-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 05 May 2023 07:12:39 GMT
server
nginx
x-timer
S1683837255.820090,VS0,VE0
etag
"04a2d10b5e4491894e7d45a593927f19"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame D978 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 05:24:40 GMT
x-content-type-options
nosniff
age
486575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 05:24:40 GMT
iframe
pixel.mathtag.com/sync/ Frame FCC8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown" /
Resource Hash
d2c75b6981775f00c5233cda525d0105181a31fcab1ddc0f6d674e11c18bc77f

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
961
Content-Type
text/html
Date
Thu, 11 May 2023 20:34:14 GMT
Expires
Thu, 11 May 2023 20:34:13 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Vary
Accept-Encoding
e00192d1ef454529f7e205e0412a6dff.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e00192d1ef454529f7e205e0412a6dff.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50ac7f22b51e7f975fc7c9ccbc24227fa77733b877c2e66fe0a95792bce2983d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e00192d1ef454529f7e205e0412a6dff.png
age
2026550
edge-cache-tag
602072104652827969040584637690858742521,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
602072104652827969040584637690858742521,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
498
req-referer
https://www.index.hr/mobile/sport/clanak/turci-o-bjelici-detalj-s-gvardiolom-u-dinamu-je-pokazao-njegovu-najvazniju-kvalitetu/2455970.aspx?index_tid=344583&index_ref=naslovnica_sport_prva_m
content-length
6032
x-request-id
522b306544050b8ebb129aeb364e9da0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kcgs7200171-IAD, cache-lax10635-LGB, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 17 Apr 2023 09:59:13 GMT
server
nginx
x-timer
S1683837255.993653,VS0,VE0
etag
"dc76cfbb52b8c5f7830ee24266b550a2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f77ab9caba51216bcfa68403730f8c2b0b3426f78aa83a7b10287d7fa708176

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
2017647
edge-cache-tag
614864820090109347195755692061116706336,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
328
expiration
expiry-date="Tue, 02 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oggi.it/video/gossip/2018/03/29/cristina-buccino-va-fuori-di-seno-guarda-il-video-dellincidente-sexy-nel-backstage/
content-length
81340
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kcgs7200178-IAD, cache-lax10662-LGB, cache-iad-kiad7000043-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 01 Apr 2023 20:14:01 GMT
server
nginx
x-timer
S1683837255.995082,VS0,VE0
etag
"034c9b53ed495d4a1fa3a3947dcc3e2e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 32, 2
bda760b64ab82983a76e3d8dd8d17181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bda760b64ab82983a76e3d8dd8d17181.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ae7673c07b432af8a15f755fc93fa4b92c7a4202bfd6fc85b086885fa4973622

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bda760b64ab82983a76e3d8dd8d17181.jpg
age
275187
edge-cache-tag
470035049209276474154204871449584559978,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
470035049209276474154204871449584559978,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
324
req-referer
https://sports.walla.co.il/
content-length
9614
x-request-id
5f7c22fc83d866d1ea115a7645541474
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kjyo7100023-IAD, cache-chi-kigq8000079-CHI, cache-iad-kiad7000117-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 05 May 2023 07:11:46 GMT
server
nginx
x-timer
S1683837255.994147,VS0,VE0
etag
"bc4bb5a8767d34f5ba67cae3efa518c7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
7e40e84839e776e4587b7f433a6e051a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e40e84839e776e4587b7f433a6e051a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6e9c40bcb1a03b5748a36ee6be4324ebf6eec01c011db36c99f447b789c1e8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e40e84839e776e4587b7f433a6e051a.jpg
age
630844
edge-cache-tag
606050701736552535987664751553408334933,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
606050701736552535987664751553408334933,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
137
expiration
expiry-date="Sun, 21 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newschannel10.com/
content-length
5012
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kjyo7100159-IAD, cache-chi-kigq8000023-CHI, cache-iad-kiad7000171-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 20 Apr 2023 02:37:22 GMT
server
nginx
x-timer
S1683837255.994178,VS0,VE0
etag
"a75657117bd5ff904319bc0d8060d2c9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 2
d5188b71c01c6e96f87b36b1282b6aa3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e31e19bcf1d1ad6075e43816f250b814cd4bafde0510de88d930d24b196accc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
age
2090003
edge-cache-tag
425481553482210613476636665782714446727,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag
425481553482210613476636665782714446727,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
153
expiration
expiry-date="Sat, 13 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nbcnews.com/
content-length
60816
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100038-IAD, cache-iad-kiad7000103-IAD, cache-lax10669-LGB, cache-iad-kcgs7200083-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 12 Apr 2023 08:43:13 GMT
server
nginx
x-timer
S1683837255.994561,VS0,VE0
etag
"a2ecb02e80bf6523eea5c29637089d3e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 15, 2
5e53b7339d233d862ef1982ce507c523.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e53b7339d233d862ef1982ce507c523.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a39d0ddefb193b5bb0551b127febb9461672197e195b7ccf9aed8b465580eaf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e53b7339d233d862ef1982ce507c523.jpg
age
2570246
edge-cache-tag
352306561920397752251496609051597209879,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
352306561920397752251496609051597209879,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
62
expiration
expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/wintersport/biathlon/2023/04/biathlon-rucktritt-nach-rauswurfs-schock-konkurrenzkampf-bei-den-norwegern-fordert-tribut
content-length
9974
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000120-IAD, cache-iad-kiad7000079-IAD, cache-lax10623-LGB, cache-iad-kiad7000110-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 21 Mar 2023 15:28:28 GMT
server
nginx
x-timer
S1683837255.994138,VS0,VE0
etag
"cc556eb445caf16a097c64cd541ee637"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 17, 2
fdba25995d4800218a9729162f24587f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdba25995d4800218a9729162f24587f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f8cc133b23963951a3967fd8d159a5dc7abc5c9778d027d5b7da05f284cb97c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdba25995d4800218a9729162f24587f.png
age
1413982
edge-cache-tag
340158077641822164212244268459042081757,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
340158077641822164212244268459042081757,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
445
req-referer
https://www.oe24.at/
content-length
17132
x-request-id
ec90c8d9f7702bc9b16bb091256cbabc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200088-IAD, cache-iad-kiad7000046-IAD, cache-chi-kigq8000102-CHI, cache-iad-kiad7000115-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 25 Apr 2023 09:02:35 GMT
server
nginx
x-timer
S1683837255.028826,VS0,VE0
etag
"d8ba745cd38b437b681cff7544e7a590"
x-ratelimit-remaining
99
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 405, 2
10741ea058f151b67db4230bafbe812d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
381f1a1f0167a6aae2158545e29b1fd018e0d77ccb6acc2af86d4b1f0feb79d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10741ea058f151b67db4230bafbe812d.jpeg
age
40479
edge-cache-tag
630794942868811789712213737048539066062,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
630794942868811789712213737048539066062,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
187
req-referer
https://www.pcgamer.com/
content-length
42312
x-request-id
a2573690777aa3a9f4560f09b93a8475
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100176-IAD, cache-iad-kjyo7100091-IAD, cache-chi-klot8100088-CHI, cache-iad-kiad7000100-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 11 May 2023 06:39:08 GMT
server
nginx
x-timer
S1683837255.029318,VS0,VE0
etag
"71408ab62bbbc35cd611114abcbb25ad"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 2
4326c4cf030ce4e4f3a13d56da13ce2b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4326c4cf030ce4e4f3a13d56da13ce2b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f6a1daab5bd5eece66cb47c368879454d07f309076d7ef81174b839b6727414

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4326c4cf030ce4e4f3a13d56da13ce2b.jpg
age
1739357
edge-cache-tag
416629500683766219235485456296007415945,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
416629500683766219235485456296007415945,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
188
expiration
expiry-date="Sun, 30 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://rezepte24.eu/
content-length
23078
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kiad7000037-IAD, cache-chi-kigq8000030-CHI, cache-iad-kiad7000144-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 30 Mar 2023 16:03:29 GMT
server
nginx
x-timer
S1683837255.029263,VS0,VE0
etag
"e8ba0f8006b43f2f0e1f32cc07c84b43"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 2
e5f79433ce99370f1659b5efab0b0400.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5f79433ce99370f1659b5efab0b0400.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e55cd3cd9f6482e766364d3c2e50de3508709dd5832e267f9ae80806938b000a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5f79433ce99370f1659b5efab0b0400.jpg
age
2243393
edge-cache-tag
596935233587229096856104471190582616458,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
cache-tag
596935233587229096856104471190582616458,590980022232290295035470272535178474800,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
437
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.liputan6.com/
content-length
36514
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000102-IAD, cache-iad-kiad7000041-IAD, cache-lax10667-LGB, cache-iad-kjyo7100171-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 03 Apr 2023 19:00:04 GMT
server
nginx
x-timer
S1683837255.029303,VS0,VE0
etag
"b44a4b6276555d2f3fb68b8b296f15dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 85, 17
gettyimages-476846276.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1636382840751/content/gallery/freenet/unterhaltung/wi... 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1636382840751/content/gallery/freenet/unterhaltung/witze/2021/06/03/pictures/gettyimages-476846276.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99207a6dba899f1022d366c5f82f4d46ad0201804b792f9982b0a02d850a81f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1636382840751/content/gallery/freenet/unterhaltung/witze/2021/06/03/pictures/gettyimages-476846276.jpeg
age
2501694
edge-cache-tag
581029778774014878463945528932129266347,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
581029778774014878463945528932129266347,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
931
expiration
expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://auto-motor-seite.de/
content-length
20506
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100111-IAD, cache-iad-kcgs7200130-IAD, cache-lga21926-LGA, cache-iad-kiad7000045-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 15 Mar 2023 18:45:53 GMT
server
nginx
x-timer
S1683837255.080628,VS0,VE0
etag
"503e8a7010aaabaff081d594ce864eb7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 2
2bdc96dc252e2335c16cb908c3721cd7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bdc96dc252e2335c16cb908c3721cd7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
135d83e67c4f18083b3b08d487756caac6722b78b507f63bc663b3301f32b670

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:34:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bdc96dc252e2335c16cb908c3721cd7.jpg
age
3665225
edge-cache-tag
411825573420123745872120017173843553470,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag
411825573420123745872120017173843553470,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Sat, 08 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://editorsnation.com/
content-length
25688
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kiad7000150-IAD, cache-lax10658-LGB, cache-iad-kjyo7100028-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 08 Mar 2023 09:49:08 GMT
server
nginx
x-timer
S1683837255.080614,VS0,VE0
etag
"f3abb849fd639d5bc345068ec38d9181"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 6, 1425
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:34:15 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
3306
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1683837255.179232,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
74
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
15006
view
securepubads.g.doubleclick.net/pcs/ Frame CC40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjJy-UcU0vLJLpK5mSmEBx2DyTRuTh7OAGyQXjesErH4A0z6JSk6UO3con0fFQ85cRsAHhLwb_twQHX8nvUn_qca77ZcpPK0YXNkWtX-XBYlV9cbj1agGvQqqmzqejM--l6uzTIcgNqGRNGdih5aHuRVZC7nDOxYXoTIhK4ezbxg-WJGJLPqLX6SZW6ZKSaqByqfGpzARkmFJFhPabmiTyU-o6tAlfF7zn3KAhHvCTrJL1S6jcDWMbx1rvJnj-U_QZgsE0XCdlggeuvjkOhXMEwOyddkRoEPBD8iDkoI0M1Yyl8-kjLdH1dyWnJtVIqNDUbH8VjMFfFGHbDjQJuxuU3MSF63BJKg&sai=AMfl-YQ79yWzdCI1Djpuihv3tUSyEgQL-XM3jLc3DRaZLp5CxmxAMtStEYRKCcd01s010kwMLwE7WqGi7NUTTE_sd0zAewP3nBetBfwoJnDufa6ulhssDg_diat_WQcelooBg4iuZ6s3AkBtXv0I9hg&sig=Cg0ArKJSzHml657j5a7cEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:34:15 GMT
truncated
/ Frame CC40 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9457f927fff4ba90f3cca9cb46adc374d4831d0c874a2d7da360184a97d318db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
img
pixel.mathtag.com/comp/ 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x31 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:15 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x31 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:34:14 GMT
truncated
/ Frame E4E0 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4E0 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame E4E0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254136309246&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=938462888&size=160x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254136309246&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=938462888&size=160x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:15 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
21704
expires
Fri, 12 May 2023 20:34:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWefGJAiVMxEpsS1jzqIEwPXv20b_WFZcK8-DgRs4nrNiTRZMNeRYR_wHqkVTDTLYuzbcHGslgi9ylL5-JzPzkA-16_3ndTCBwGpv5BF_PF7VyZpmatKt2XDwZqz3BuTVh3WcZ_o64_uFAzGzWF7LfTL5sfYAIclXBCW0WvVbvtYAKKYHiOEC3BPes_arLf2vGP5OfQ8_fQ5VNBwpXt45f4X7mK7TOPS7RCjUScHpdafznTq3RXvWY-8kD76oE3_l_D4tZ-B9WrwAprWiWPjC5dVDMYdCqLK9l6hCQFx046tawhZGl1aRt5wYrVCwPAKvVAZF7VXqHj25h2prmmz86mUk&sai=AMfl-YQ1kSGzoSCSWvBl8D1OkQuGlMHzehe8e5UwP6P_zQliOHliQxX0cHXyVhvO48u-QX9hAjnLl3EbPQTjDNsrEC0L9ZKSxRcDHIIn1i6hL19-ApPnPQfjXVapQWRlGl7MnqxkAW00jauAIl5nHHw&sig=Cg0ArKJSzNzfkyHZb300EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:34:15 GMT
truncated
/ Frame 4B6C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b52017bc5d7d1528e3f56ed9c1731773f2e42e131ecf888f7bcbd262f17e7c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
content_v3.js
vidstat.taboola.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:15 GMT
Via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
4013797
X-Cache
Hit from cloudfront, HIT
Connection
keep-alive
Content-Length
4839
X-Served-By
cache-fra-eddf8230124-FRA
Last-Modified
Wed, 20 Jul 2022 13:23:50 GMT
Server
AmazonS3
X-Timer
S1683837256.645974,VS0,VE0
ETag
"f7533e747bb02a8eb527ada4f2749620"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
X-Cache-Hits
236969
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/ 		436 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683622864
Date
Thu, 11 May 2023 20:34:15 GMT
Via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
214346
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1683622864
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
103956
X-Served-By
cache-fra-eddf8230124-FRA
Last-Modified
Tue, 09 May 2023 09:01:05 GMT
Server
AmazonS3
X-Timer
S1683837256.696134,VS0,VE0
ETag
"3277393b352241263c34b3d6dff9248e"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
KSlDPb9LS5gv2Dj-l8mnog6rrNL660JLsWnJ-1zwaBtlJYbVZMsTnA==
X-Cache-Hits
34768
sync
am-match.taboola.com/ Frame FB9D 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
80740daf68e1f4b4dee26e9170c65ae4229fcf65bcac16c4e0169f4519127868

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 11 May 2023 20:34:15 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&cmcv=&pix=31579697&cb=1683837255696&uv=3275&tms=1683837255696&su=3&abt=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
truncated
/ Frame 82BE 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 82BE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame 82BE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254670197827&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=434553236&size=300x250&cc=DE&sc=HE&chnm=EXPLORATORY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254670197827&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=434553236&size=300x250&cc=DE&sc=HE&chnm=EXPLORATORY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:15 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
21704
expires
Fri, 12 May 2023 20:34:15 GMT
vevent
fra1-ib.adnxs.com/ Frame CC40 		0
957 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QK7BOg7AgAAAwDWAAUBCMSi9aIGEMmvsOb2oe6KHxgAKjYJXI_C9Shc3z8RLv8h_fZ12D8ZAAAAoEfhyj8hLg0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUIzuxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvS4AZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AL2_1vqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDM0MTQ4NDU3MjY3MDgxNTYyMTRfc2JpZBoTMjIzOTg5OTg2NTU4NzY1MjU1MyIJNDI0Nzg1Njc2KgVNMTE3M8ADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjSoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIzuxsoBiAUBmAUAoAW2js25iIP-sS_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=520d4908eb154447bdc2a64edb364f7c3c4983b7&type=nv&nvt=5&jm=1003&px=325&py=487&bw=160&bh=600&sid=3503557261689830846&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587520&sw=1600&sh=1200&pw=1600&ph=6468&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:15 GMT
AN-X-Request-Uuid
6c305311-21c2-45db-b6df-67f75807d61d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 4B6C 		0
957 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QK7BOg7AgAAAwDWAAUBCMSi9aIGEMW_mtn_lb_eSxgAKjYJ1XjpJjEI4D8RipP7HYoC2T8ZAAAAwPUozD8hig0SACkRJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgUPfoxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvS4AZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AK1-1zqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDM0MTQ4NDU3MjY3MDgxNTYyMTRfc2JpZBoTNTQ1NzUxNDY4MTIyOTI4NzM2NSIJNDI0Nzg1MDE1KgVNMTE3M8ADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjSoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPfoxsoBiAUBmAUAoAW2js25iIP-sS_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=e01690485c76908aa50341e2ffc9788d0b015bc4&type=nv&nvt=5&jm=1003&px=975&py=487&bw=300&bh=250&sid=3503557261689830846&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587518&sw=1600&sh=1200&pw=1600&ph=6468&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:15 GMT
AN-X-Request-Uuid
e7a92cda-9f66-44c7-adc1-512d96dd34d5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bql.php
lg3.media.net/ Frame E4E0 		15 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7010&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380ZslekaEuJhrk2EzmUsaIm_rnUUOwvw-c0_RgQa2cjeOREqFeZ3VPV8LFBlI7odAyLP3ZhEmTXjrmeJ0_K7Wvgvcu8bot3tr4vuLVTe9rGZE%3D&cme=8pHfzVZCjLH2dzFx8hxORdPGDm1kZK9zZxTAZ-4xZVtdSuqcDJjrgM0pqwgBHueKaOcbwJeeIcpJRjTqeMXlH0iyBtGtT2GyV1EoJZD7GDCXGuexh6HZKu49T-fAnQpVjqNZax_UUE5lM16vjC5cOVMvtfaLgeAozJdeOrp0EVkdqVWeD7SzS8Z4PVJRDOItB8hiQ6kfHyu266Hho4S4bWA7EvntxUB4RlrXzRL4nJQ%3D%7C%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7C1xiR5QkGrYaPHRbpbKem_OE4cjFhO781EdscpdfR_3hKeDlHOsYf213je3ZdbjKpnPGJjAPEeYeEgwiaf3ZP1A-ZlFIguEUOQPeakRjnKXIm-bkqFvDciyfBlXsbGSy5DhEw7FxoCjwjNYCBcPhvGw35VZNd9Ye2OOKVXeAtXdMQ0NwKLsNWX4qAz-eMydcdgICC7hJU1-3apFuCit5jsuwjUaBIyKTACCt8DAum_W79cZ81rLz2QmVnFj9uAKug3C3BuHBS8uc%3D%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Beste+Geldanlage+f%C3%BCr+Rentner&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=350764368&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0951%7C24%3D111%7C25%3D0%7C22%3D0.0162%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D31%7C27%3D0%7C13%3D0.0689%7C14%3D051108%7C15%3D0%7C1%3D0.60%7Cr%3D1%7C12%3D0.36%7C63%3D0.10%7C10%3D1.79%7C60%3D0.75%7C62%3D0.58%7C2%3D2.07%7Cps%3D0.380%7C3%3D0.37%7C4%3D3.55&ktd[]=274894749952&ktrkt[]=Beste+Geldanlage+f%C3%BCr+Rentner&kwd[]=10+beste+E-Bikes+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=350632923&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1236%7C24%3D86%7C25%3D0%7C22%3D0.0192%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0547%7C14%3D051108%7C15%3D0%7C1%3D0.38%7Cr%3D2%7C12%3D0.38%7C63%3D0.10%7C10%3D1.79%7C60%3D0.27%7C62%3D0.29%7C2%3D1.22%7Cps%3D0.380%7C3%3D0.13%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=10+beste+E-Bikes+im+Test&kwd[]=Minijobs+f%C3%BCr+Senioren&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=350764953&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1066%7C24%3D12%7C25%3D0%7C22%3D0.0422%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D47%7C27%3D0%7C13%3D0.0424%7C14%3D051108%7C15%3D0%7C1%3D0.60%7Cr%3D3%7C12%3D0.36%7C63%3D0.10%7C10%3D1.79%7C60%3D0.75%7C62%3D0.58%7C2%3D2.07%7Cps%3D0.380%7C3%3D0.22%7C4%3D4.29&ktd[]=274894749952&ktrkt[]=Minijobs+f%C3%BCr+Senioren&kwd[]=Die+besten+E-Bike+Angebote&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=330266456&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0605%7C24%3D80%7C25%3D0%7C22%3D0.0201%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0507%7C14%3D051108%7C15%3D0%7C1%3D0.40%7Cr%3D4%7C12%3D0.35%7C63%3D0.10%7C10%3D1.79%7C60%3D0.52%7C62%3D0.45%7C2%3D1.07%7Cps%3D0.380%7C3%3D0.11%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=Die+besten+E-Bike+Angebote&kwd[]=Top+10+E-Bikes&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=326676038&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1021%7C24%3D73%7C25%3D0%7C22%3D0.0212%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0494%7C14%3D051108%7C15%3D0%7C1%3D0.33%7Cr%3D5%7C12%3D0.32%7C63%3D0.10%7C10%3D1.79%7C60%3D0.35%7C62%3D0.42%7C2%3D0.97%7Cps%3D0.380%7C3%3D0.12%7C4%3D3.91&ktd[]=274894749952&ktrkt[]=Top+10+E-Bikes&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2138%7C24%3D103%7C25%3D0%7C22%3D0.0171%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0526%7C14%3D051108%7C15%3D0%7C1%3D0.29%7Cr%3D6%7C12%3D0.23%7C63%3D0.10%7C10%3D1.79%7C60%3D0.52%7C62%3D0.29%7C2%3D3.34%7Cps%3D0.380%7C3%3D0.54%7C4%3D4.17&ktd[]=274894749952&ktrkt[]=Sparkonto+mit+5%25+Zinsen&kwd[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwt[]=391&kbc[]=1262271193&kwp[]=7&kid[]=350438700&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0526%7C24%3D111%7C25%3D0%7C22%3D0.0162%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0460%7C14%3D051108%7C15%3D0%7C1%3D0.60%7Cr%3D7%7C12%3D0.36%7C63%3D0.10%7C10%3D1.79%7C60%3D0.75%7C62%3D0.58%7C2%3D2.07%7Cps%3D0.380%7C3%3D0.26%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&v=1&gdpr=1&geo=50.1%7C8.62&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=DE&wsip=170774882&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22C1QQJj%22%2C%22QQ8E%22%3A%22uWX.fuA.uXX.9%22%2C%22QQQN%22%3A%22q4%22%7D&cid=8CU62MU8E&vi=1683837254136309246&vsid=DefVid&tdAdd[]=asnum%3D39351&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=13&vgd_l1rakh=1683837254124398175&tsrc=entity&sttm=1683837254439&upk=1683837254.7509&hvsid=00001683837254439031177838087894&verid=3111299&sbdrId=99&vgd_ecrid=424785676&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D39351&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&vgd_cfud=230502&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683837254439031177838087894&rc=0&rand=1683837255355&acid=42c1074756dd4f32a6650a975fa46638&matm=1683837255356&vgd_ltimesrc=1&vgd_ltime=1748&vgd_rtime=1280&vgd_etm=19&vgd_l1hcsd=O76z2%7C3082&vgd_l1ch=1&vgd_lhl=1057&vgd_pgid=p11440520134t202305112034&vgd_csip=rtb-common-8549976cf7-rtk7d.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_left_sticky_rail_0__container__%7CDIV-4b757510-a6bd-48a3-8c07-353cf5ee080c&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254136309246&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=938462888&size=160x600&cc=DE&sc=HE&chnm=HARMONY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Thu, 11 May 2023 20:34:15 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Thu, 11 May 2023 20:34:15 GMT
img
pixel.mathtag.com/misc/ Frame FCC8 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=297486&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:15 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 May 2023 20:34:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D978
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date
Thu, 11 May 2023 20:34:16 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control
private
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
90 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
Date
Thu, 11 May 2023 20:34:15 GMT
Via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
X-Amz-Cf-Pop
FRA60-P1
Age
3873610
X-Cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
90784
X-Served-By
cache-fra-eddf8230030-FRA
Last-Modified
Sun, 02 Jul 2017 20:40:57 GMT
Server
AmazonS3
X-Timer
S1683837256.990654,VS0,VE0
ETag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
X-Cache-Hits
1075443
generic
match.adsrvr.org/track/cmf/ Frame FB9D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:34:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame FB9D 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame FB9D 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bql.php
lg3.media.net/ Frame 82BE 		15 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5952&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380ZslekaEuJhrk2EzmUsaIm_rnUUOwvw-c0_RgQa2cjeOREqFeZ3VPV8LFBlI7odAyLP3ZhEmTXjotl5Q-gZqOpJ_tUfavO3VBYybbmzI-ojg%3D&cme=woUXVUCoSbXqO6bzUxARdRcwKRaGNwEBOteio51DiFIC7v_7Q8Xsb3AM9dLp7Zyslv4sVJ29824_7HkHioMWd91hCT2jT9KDRM4KzcjF2tSVWZOXzG5CTpDgS8Elqa-Gic02JUe49IcuHzFpDLPLiSb9O8QryKVx55YJwFoMa8qI7YAn2ZkXqg4wi2Z2CCeIf30lM2NBAUCrXSsY_WSWCUbkxAGkMf7btvQ5zpNmONvJCTSpmH-STg%3D%3D%7C%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7Ct_e69uyEEszLKYTH4kXx_wjwu619ED5_%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7COSKwXugw14CZFtmYS4soeHGuKEUvscjwMchuTxZpe_ECzFmbkzBJRhPBjH_kaUixqh7Z2hLRzisdRdYw5r_0nYSSvAeG21_hAacuh2PNKu3QDEnB3Pj_jKyJKR_uxrkxUTJUJqvvgMMlNaVrM7s1-AoJx1QQyIpd8E56qolTTz6BN5hi5eExpnnFbrnKqWBbpJ5U240HsxCwdMnL9kMOBwJDuKuojcpM0JPPPKpI99ISMhODO-O7hzsPDPe-GrUDZQ5WUizpQ9w%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Kredite+ohne+Bonit%C3%A4tspr%C3%BCfung&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=329465921&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0101%7C24%3D108%7C25%3D0%7C22%3D0.0166%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0453%7C14%3D051108%7C15%3D0%7C1%3D0.43%7Cr%3D9%7C12%3D0.36%7C62%3D0.58%7C2%3D1.58%7Cps%3D0.380%7C3%3D0.49%7C4%3D1.58&ktd[]=274894881024&ktrkt[]=Kredite+ohne+Bonit%C3%A4tspr%C3%BCfung&kwd[]=Private+Krankenversicherung+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=329492667&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0934%7C24%3D77%7C25%3D0%7C22%3D0.0205%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0406%7C14%3D051108%7C15%3D0%7C1%3D0.68%7Cr%3D15%7C12%3D0.53%7C62%3D0.76%7C2%3D3.29%7Cps%3D0.380%7C3%3D0.81%7C4%3D1.75&ktd[]=274894881024&ktrkt[]=Private+Krankenversicherung+im+Test&kwd[]=Hautpflege+f%C3%BCr+reife+Haut&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=330168845&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0777%7C24%3D149%7C25%3D0%7C22%3D0.0132%7C7%3D0.0000%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0453%7C14%3D051108%7C15%3D0%7C1%3D0.43%7Cr%3D16%7C12%3D0.36%7C62%3D0.58%7C2%3D1.58%7Cps%3D0.380%7C3%3D0.27%7C4%3D3.17&ktd[]=274894881024&ktrkt[]=Hautpflege+f%C3%BCr+reife+Haut&kwd[]=Kredite+f%C3%BCr+Rentner&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=329517997&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0536%7C24%3D6%7C25%3D0%7C22%3D0.0468%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0453%7C14%3D051108%7C15%3D0%7C1%3D0.43%7Cr%3D12%7C12%3D0.36%7C62%3D0.58%7C2%3D1.58%7Cps%3D0.380%7C3%3D0.26%7C4%3D2.03&ktd[]=274894881024&ktrkt[]=Kredite+f%C3%BCr+Rentner&kwd[]=Sandalen+f%C3%BCr+Damen&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=326660694&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0250%7C24%3D76%7C25%3D0%7C22%3D0.0207%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0453%7C14%3D051108%7C15%3D0%7C1%3D0.43%7Cr%3D13%7C12%3D0.36%7C62%3D0.58%7C2%3D1.58%7Cps%3D0.380%7C3%3D0.15%7C4%3D2.58&ktd[]=274894881024&ktrkt[]=Sandalen+f%C3%BCr+Damen&v=1&gdpr=1&geo=50.1%7C8.62&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774691&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22C1QQJj%22%2C%22QQ8E%22%3A%22uWX.fuA.uXX.9%22%2C%22QQQN%22%3A%22q4%22%7D&cid=8CU62MU8E&vi=1683837254670197827&vsid=DefVid&tdAdd[]=asnum%3D39351&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=13&vgd_l1rakh=1683837254150484798&tsrc=entity&sttm=1683837254536&upk=1683837255.4106&hvsid=00001683837254536031177838081953&verid=3111299&sbdrId=99&vgd_ecrid=424785015&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D39351&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&vgd_cfud=230302&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683837254536031177838081953&rc=0&rand=1683837255724&acid=53a822b1f0bc4a47a869b1fbc08b6348&matm=1683837255724&vgd_ltimesrc=1&vgd_ltime=2025&vgd_rtime=1596&vgd_etm=11&vgd_l1hcsd=O76z2%7C3082&vgd_l1ch=1&vgd_lhl=1052&vgd_pgid=p11440520134t202305112034&vgd_csip=rtb-common-8549976cf7-rtk7d.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_sticky_rail_0__container__%7CDIV-933e74b5-9df0-43b3-adaf-5ffc0cc037bc&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683837254670197827&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=434553236&size=300x250&cc=DE&sc=HE&chnm=EXPLORATORY&pid=8PO4V7MWK&tpid=T57IE0C&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11440520134t202305112034&essld=uWX.fuA.uXX.9~r4~q4~C1QQJj&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=31&allsc=HE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Thu, 11 May 2023 20:34:16 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Thu, 11 May 2023 20:34:16 GMT
log
hblg.media.net/ Frame CC40 		35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARANDJjMTA3NDc1NmRkNGYzMmE2NjUwYTk3NWZhNDY2MzjUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MjAOMTYweDYwMApldV9iZQQyMxBBUFBORVhVUxI4UFIxMTNKR0MGNDYyABAyNzU4NzUyMAIwPHJ0Yi1jb21tb24tODU0OTk3NmNmNy1ydGs3ZC5CRRI0MjQ3ODU2NzYCMAAgARBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Thu, 11 May 2023 20:34:16 GMT
log
hblg.media.net/ Frame 4B6C 		35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARANTNhODIyYjFmMGJjNGE0N2E4NjliMWZiYzA4YjYzNDjUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MTgOMzAweDI1MApldV9iZQQyMxBBUFBORVhVUxI4UFIxMTNKR0MGNDYyABAyNzU4NzUxOAIwPHJ0Yi1jb21tb24tODU0OTk3NmNmNy1ydGs3ZC5CRRI0MjQ3ODUwMTUCMAAgARBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Thu, 11 May 2023 20:34:16 GMT
img
pixel.mathtag.com/comp/ Frame FCC8 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:16 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:34:15 GMT
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ae86f4dd65c4e172b6835e3ca7199ba5775404599a4a4ddafb1df68280c4fdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230072-FRA
date
Thu, 11 May 2023 20:34:16 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 5B6A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
247975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 12A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305080101&jk=2636712254797744&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683837256369&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1518&pt=-1455535414&tz=0&viewable=true&ddast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

X-Cache-Hits
0
Date
Thu, 11 May 2023 20:34:16 GMT
Content-Encoding
gzip
Via
1.1 varnish
MachineId
1459
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-fra-eddf8230049-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1683837256.373192,VS0,VE216
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4&uad=d8f4f7589e5ecac8f3938b7c06d4496f218a7e0c6ab4eb15596d9c6a3c351367
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:34:17 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame CC40 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsta91ltnvFEF_e65Xy4s0haYnxRIFVNOgpKc9hLVoE-Ak0NRZ-JKej5jco16bZOLCmT177ALH9hUhf9cVNpDxsz0DdZ0rnw2GX-hLFtCOq8hsLbocBS&sig=Cg0ArKJSzEsxzwET3wprEAE&id=lidar2&mcvt=1116&p=487,325,1091,485&mtos=0,1116,1116,1116,1116&tos=0,1116,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=1664998737&rs=4&la=0&cr=0&vs=4&r=v&rst=1683837254069&rpt=1219&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B6C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAs-2S5H2h93bKUst1ZX7hBM9LysKdAqqgYOeu26AFLSZeZi65A97iPJaGoMPbdaxigXSDNcatZhL9K0jVCTEHkoQY2PLxvRl49-pKhZGbvA6GFJDc&sig=Cg0ArKJSzIrIZB0NDtQeEAE&id=lidar2&mcvt=1033&p=487,975,741,1275&mtos=0,1033,1033,1033,1033&tos=0,1033,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2901372812&rs=4&la=0&cr=0&vs=4&r=v&rst=1683837254123&rpt=1291&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5B6A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3EgR3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:34:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vevent
fra1-ib.adnxs.com/ Frame CC40 		0
957 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QK7BOg7AgAAAwDWAAUBCMSi9aIGEMmvsOb2oe6KHxgAKjYJXI_C9Shc3z8RLv8h_fZ12D8ZAAAAoEfhyj8hLg0SACkRJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUIzuxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvS4AZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AL2_1vqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDM0MTQ4NDU3MjY3MDgxNTYyMTRfc2JpZBoTMjIzOTg5OTg2NTU4NzY1MjU1MyIJNDI0Nzg1Njc2KgVNMTE3M8ADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjSoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIzuxsoBiAUBmAUAoAW2js25iIP-sS_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=520d4908eb154447bdc2a64edb364f7c3c4983b7&type=pv&jm=1003&px=325&py=487&bw=160&bh=600&sf=1&sid=3503557261689830846&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587520&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:16 GMT
AN-X-Request-Uuid
01b73d34-fbb1-4222-9333-b97b275b5c83
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
tra.neodatagroup.com/ Frame FCC8 		1 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tra.neodatagroup.com/cm?sid=1&pv=MEDIAMATH&eid=f97a645d-5146-4100-9823-aa4f225e7af0&rt=img&rnd=33465075845
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:34:16 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
img
pixel.mathtag.com/misc/ Frame FCC8 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=156507&check=f97a645d-5146-4100-9823-aa4f225e7af0&mop_top=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=f97a645d-5146-4100-9823-aa4f225e7af0&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D33465075845&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:34:16 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 May 2023 20:34:15 GMT
bqi.php
lg3.media.net/ Frame CC40 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=1970&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=160_600&vgd_ren_page_h=6468&vgde_bdata=~G-MjJzviXF~G8Ovu.9f9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvuF9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hA~OYYMYuv9.uiW~OYYMYu9vu.999~OYYMYuuv9.iW9~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.f9X~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvF~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYHAv9.AHX~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fFi~JMLEYv9.uiW~JLEYv9.uiW~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEvu.9f9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ovu.9f9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGvuof~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=938462888&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683837254136309246&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683837254424&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683837254124398175&l1ch=1&l1hcsd=l1!O76z2|3082&tsrc=entity&sttm=1683837254439&upk=1683837254.7509&hvsid=00001683837254439031177838087894&acid=42c1074756dd4f32a6650a975fa46638&verid=3111299&vgd_sc=HE&infr=1&stime=1683837254096&vgd_ecrid=424785676&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p11440520134t202305112034&vgd_pgids=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Thu, 11 May 2023 20:34:17 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Thu, 11 May 2023 20:34:17 GMT
vevent
fra1-ib.adnxs.com/ Frame 4B6C 		0
957 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QK7BOg7AgAAAwDWAAUBCMSi9aIGEMW_mtn_lb_eSxgAKjYJ1XjpJjEI4D8RipP7HYoC2T8ZAAAAwPUozD8hig0SACkRJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgUPfoxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvS4AZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AK1-1zqAhhodHRwOi8vdWx0cmFzdXJmaW5nLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDM0MTQ4NDU3MjY3MDgxNTYyMTRfc2JpZBoTNTQ1NzUxNDY4MTIyOTI4NzM2NSIJNDI0Nzg1MDE1KgVNMTE3M8ADrALIAwDYA7uiNuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjSoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPfoxsoBiAUBmAUAoAW2js25iIP-sS_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AftzgGKCAIQAJUIAACAP5gIAQ..&s=e01690485c76908aa50341e2ffc9788d0b015bc4&type=pv&jm=1003&px=975&py=487&bw=300&bh=250&sf=1&sid=3503557261689830846&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27587518&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:17 GMT
AN-X-Request-Uuid
1abf4ffa-324f-4372-9fb0-ba54ffc83df4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bqi.php
lg3.media.net/ Frame 4B6C 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=1949&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=300_250&vgd_ren_page_h=6468&vgde_bdata=~G-MjJzviAf~G8Ov9.WA9~G-M1QzvAiAXu~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vCKbb4T~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hW~OYYMYuv9.f9X~OYYMYu9vu.999~OYYMYuuv9.hhf~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fFH~OYYMYfv9.uXW~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuhu.999~OYYMYAFvuhu.999~OYYMYAivuWh.999~OYYMYH9vuWh.999~OYYMYXvu.999~OYYMYXuvuhu.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fFH~JMLEYv9.f9X~JLEYv9.f9X~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuWX.fuA.uXX.9~LMQNvq4~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.WA9~OYYvJ-EjmL17mL5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvYLyoH.9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.WA9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=434553236&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683837254670197827&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683837254522&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683837254150484798&l1ch=1&l1hcsd=l1!O76z2|3082&tsrc=entity&sttm=1683837254536&upk=1683837255.4106&hvsid=00001683837254536031177838081953&acid=53a822b1f0bc4a47a869b1fbc08b6348&verid=3111299&vgd_sc=HE&infr=1&stime=1683837254141&vgd_ecrid=424785015&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p11440520134t202305112034&vgd_pgids=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Thu, 11 May 2023 20:34:17 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Thu, 11 May 2023 20:34:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D978 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQe-12Eo58iD84aTqS79WcI_hje_yL8Ex5E9YVAEoyI2SviMJlBeAVC0eO8z8SbdcCOvSp8tgpZJb4OirbQvyTs108Po9gnewsWd2Zshd-_4vUPMQLhW491SxOTf0zHJImcl2WgQ&sai=AMfl-YTp9BS8y8415_q9lLvZIdBW8XdjmiiaCvzSDpq1A293Ic6kZWF2UxZop7EGYwRWuQhNW8JPh3QZzheGsL23BUtAQ7xgWE82RrX7XgoS-pY2g18SwjneS8nPiddIDDpdKm73HoZjcBrvOW57&sig=Cg0ArKJSzKtXs6idx8OJEAE&cid=CAQSSwBygQiDy0SGsrBN7F6lNEQuX613ji9_Ibqs_l0fi1sMw6qkElTlenXaTRFfGuk-GJ4YG2bE9M78PrcUAbhS50WXL8SVIZP35lvlaxgB&id=ampim&o=40,1076&d=1520,124&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=2201&tls=3204&g=100&h=100&tt=3205&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305080101&jk=2636712254797744&bg=!hoWlhdHNAAYldGN0BXQ7ADkAdvg8Whz94ag71d94VO8GwrYokPE76zh3jY2pSacm8IqUFSyWEwxL2HGDp_-6MiIe9wxBXJbgSNICAAABUFIAAAAEaAEHCgBezqbn3hKyEOo-EEJ8zqQDG6PbBQDFQf0V56RwqssXK1o8mt9IizZEuBBRn4pMxPmpSugh7GccBusUdSyZW4VOLASMNEHAcR2SmD-LEkK9UcZCRj9Qt6v0EIxxC311RZkCtKzQtSKdN-Dv_1yeMiequxfMqGKcc1s-ycFo3PLj8UCWkJ8mK515zzDR5RyTNdZLHas7Q01aoFiVEacAxgJO_iaMjWTYKbNKL2IgrWiv5NQIkbdUfTTrBG5D20BWMWYf5XqZUAEiJDwjyX2MmyMB5AQTd4EGI_1XGFIRPMzdxcI2lKHjhdwpBLc0GAV33zh-8Eci4Wi6SSB2bx86pkb787tL6LdULZsyYIxJT8s9yjoPTd4Z3NPJPN6NpeLaax3FIUJVzGinjcCcXhtVofGmUPx4KXMPJzQ9hYVH2fXTFNS0UHoeNtHKl_NWKiVHgm0zbPH8O-_8R8m1pp70lAuJ5WiplgUSbKy4ACBleleBzDLr57Bu0Ljoysh9N8yq5bmXZ37lz_ercf6ZR6hDFmdq-Zl7YrXzCFxQeF_5fuXjucjtlevbmTFMkkP9zpAY-aWbQQ-WPVwd-uGw1b3MJN1Sc7dR13nyfiuSDqMIGsDgw2IKQiXdpNGDSvKnc3PWFgCpE5I5TA6fnjjuhCFF0emQ2qu-g8PoCNHlLkdVXVweaR1dfFCgWBja5Uory6eKrUdX01fZQQye7G-xh_JyrnljKD0F2iqas3JBPc3cAOUF3r6jkI3tloJ0o2mxaxbz0FGI4SJKSKNOjNGBuFe4h3x-xNJCvxJyR4x6k7f4vCQv4yPt74FZF32rskuUe7KVr5KVAwCHToufLRXwA7XFuC2W2YiCLP6ZxqY6nGpwLaqOKP4LALbkeucA4xpxu51dnwIh1gkMevmiQS3eFf9nqXQWIGh8rDYOUgUw2jHp6aGKZfqIhCXu5pg6G9Rx0eqN0mjFA3JYR7IJvXK9cRTuS2DMdD365-3YIL6DbwUdBHpn1m72yA9M3s8TLHNKkL2jg6DpUKUnHMEeFa98vYQ1AllrP49SNwBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683837259368&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1518&pt=-1455535414&tz=0&viewable=true&ddast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
93a1d1a868c3dce12f92697f85b040edd1682909116dd49c6350642cf8964235

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:19 GMT
Content-Encoding
gzip
Server
nginx
MachineId
1412
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hourlystat
tempstat.bcovery.com/ 		1 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempstat.bcovery.com/hourlystat
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.70.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
130.70.149.34.bc.googleusercontent.com
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:34:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
hourlystat
tempstat.bcovery.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tempstat.bcovery.com/hourlystat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.70.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
130.70.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 May 2023 20:34:20 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
perf
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/perf?tvi2=84&route=AM%3AAM%3AV&lti=reco-reel-unused-code-remove_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-10_b2-PR-56423-DEV-125021-remove-reco-reel-above-feed-unused-code-9c770b1d195.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:34:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683837262368&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1518&pt=-1455535414&tz=0&viewable=true&ddast=V8BY8CLAacVxSBqo1BKxE4rygCVRuDVioAAABgYID-AMmYNi7ncuZyCzer0Vo0ss3cCsPCuRYMRr7lxDDcjWYeIyAZ08blXM5cbuFmNVqLRraZW2FYONeCwci3nBiGu9HMYwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcFgHZ7Py-wPAAAAACAAAAAASAAMGH6XAKDomjzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxRyiWLbuP91CFScFmEEQAAAIDc6k3SI5N0gopFlf___34rAFcAAAIQGQrngrLoDkq8hQEAAAAYs0APi99vdtg1frfL_P________-b-T_zj0aoKYo9TRBGFLuaX0AAgDW_gAAAbMYNAMAbAThBh6AVg8HqJNBgs5ksZqvh7AAAAADc-f___9cDMs6Fa7KxuEYrj8fhWiycC8tyMdtNXMbRyLgZrLZHGmGrDFoyd7ZPiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-zMQi80ATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoimBtMjCuLcbmWGVejtWhlWq4lDsvMrbHMTMuRyWPbjTxu0etjurhmI9vGtEWCASh7kTwt0olsNhwtZr7BZOMcOZfLycq38JhMm9nKtBwunJuFRSzRnCzSieyy7zgXrsnG4hqtPB6Ha7FwLizLxWw3cRlHI-NmsNr3BhPjymJcrmXG1WgtWpmWa4nDMnNrLDPTcmTy2HYjj1v0-pgurtnItjHtG7PhZrjZTVaTfWM23Aw3u8lqsu8wmZ6pz9koruUkHp9YNrs8DTanQeEyWLw_iWkx7c4OopPv6NRJVcqizuj3-_1-v9_v9_v9Bq3nYDYofH9rdff8zWzZvkt2EBsMilgiuEgnqrPp8vC8Lje36my6PDyvy80ilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jx5iuJpLFpu5YrWaK2ajVQIAAAAAAAAAsATTTDcBAAAAcDKQzWKxWa3TQWw2o9lutVwAEPHzugAAAAAAAAAAdqEXhY1b6aXaFWvssYk6my4Pz-tyc6vOpsvD87rcrAwAIp6d2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7gKrKhR-5UOz5EeRustw_ABVirVar2421Wi0!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=eidc_vB!nonrv_vA!nrlc_vA!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d5ec6037ab4fb471bb444bd2a4b170f3ce9f098c6c06675032e71719e8963bcf

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:34:22 GMT
Content-Encoding
gzip
Server
nginx
MachineId
1477
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cat.hbwrapper.com
URL
https://cat.hbwrapper.com/
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2037571623&i6=2a03:1b20:6:f011::4e&r=http%3A%2F%2Fultrasurfing.com%2F
Domain
c.amazon-adsystem.com
URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

426 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| __cfQR function| gtag object| dataLayer object| _taboola string| bs_id_1716 boolean| __cfRLUnblockHandlers object| aawChunk object| aaw object| _pbjsGlobals object| googletag object| apstag function| docReady object| mnet object| liQ_instances object| TRC object| _tblConsole undefined| msg object| _comscore object| _gcio object| COMSCORE object| ns_p boolean| apstagLOADED object| apscustom object| _aps object| google_tag_manager object| google_tag_data object| lotame_sync_16576 function| ha object| _qevents number| year object| _exaudiadapex boolean| pcommonID function| GCIO function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| ggeac object| google_js_reporting_queue object| hadron boolean| __halo_loaded__ function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| quantserve function| __qc object| ezt object| _qoptions object| $jscomp object| _neodataTags function| _neoJsPiggybackHandler function| s_hsp function| pb_sdp number| mt_gdpr_on object| mt_gdpr_content boolean| pb_4 string| pb_9 number| mt_ext_stat number| mt_ext_stat_send boolean| mt_bid_cache boolean| mt_cmp_on number| mt_cmp_opt_lvl number| mt_dbstat_on number| mt_dbstat_cmp_only boolean| pb_l_result_found number| pb_8 number| pb_gv object| mt_temp_params number| mt_global_build_time object| mt_special_params object| mt_stopped_tags object| mt_google_slot_statuses object| pb_cl function| mt_get_container number| mt_start_loading_time function| pb_lg function| mt_add_temp_param function| pb_th function| mt_add_hb_history function| mt_add_google_history function| pb_ib function| mt_search_divs function| mt_search_div function| pb_f function| pb_f_sub function| pb_i function| mt_gtt function| mt_get_tag_by_id function| mt_get_tag_by_block function| mt_get_el_desc function| pb_l function| pb_sc function| pb_cp function| mt_get_geo function| mt_check_image function| intFromBytes function| bin2String function| pb_cb function| check_double_time_diap function| check_time_diap function| pb_rds function| pb_rdn function| pb_rde function| pb_ggr function| pb_ci function| pb_cg function| pb_cc function| slsc function| clsc function| glsc function| pb_glv function| pb_clo function| mt_check_block_mask_id function| mt_check_block_pattern function| mt_check_mask_pattern function| mt_undnone_elements function| pb_pi function| pb_v function| pb_xr function| mt_set_tag_leveling function| mt_get_day_of_week function| mt_put_wrapper function| mt_custom_replace function| mt_check_have_childs function| mt_use_teplate function| und function| mt_rp function| clear_id function| mt_check_ip function| mt_throttle_check function| lrm function| lgf function| chr function| adh function| mt_filter_script_repeat function| mt_filter_custom_triggers function| mt_filter_stop function| mt_filter_sizes function| mt_filter_iterations function| mt_filter_cmp function| mt_mlt_filter_template function| mt_mlt_filter_auto_placement function| mt_mlt_filter_multi_blocks function| pb_fsbl function| mt_bl_ex function| mt_ch_mltb number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| pb_h function| pb_rn function| mt_native_try_tag boolean| mt_window_focus_state function| pb_srl function| pb_a function| pb_pt function| mt_dt function| pb_s function| pb_spt function| mt_execute_passback function| pb_p function| disp function| pb_e number| mt_google_collector_activate_attempt function| mt_init_google_history function| s_g1 function| mt_receive_google_event function| mt_process_google_event function| mt_set_google_size function| s_g2 function| mt_check_google_ready function| mt_google_detect_activity function| mt_get_google_slot_by_id function| mt_clear_google_id function| mt_get_google_iframe_ad function| pb_st function| pb_ss function| pb_se object| cmp_list object| pb_lg_buffer function| mt_get_cookie function| mt_register_cmp_events function| check_cmp_timer boolean| mt_cmp_refresh_activated function| check_tcf_api function| mt_refresh_tags_cmp number| variable_1 object| didomiEventListeners object| mt_custom_triggers object| mt_custom_triggers_to_tags object| mt_custom_triggers_functions function| pb_pttg function| mt_process_triggers_array function| mt_process_triggers function| mt_process_trigger function| mt_process_filter function| mt_get_var_sub function| mt_check_google_ad_targeting function| mt_client_stat_add function| mt_add_client_stat function| mt_clear_client_stat function| mt_send_client_stat function| mt_client_stat_show function| mt_add_google_event_stat_click object| mt_client_click_iframe_stat_object function| mt_client_add_click_event function| mt_client_analyze function| mt_tag_have_deamon_leveling function| mt_client_deamon_leveling boolean| mt_blur_event_added function| mt_hbstat_process function| pb_so function| mt_add_dnone_stat function| mt_send_googletag_stat function| get_recursive_object function| mt_check_double_impression function| mt_send_double_impression_stat function| mt_start_double_impression_timer function| mt_add_google_send_stat_temp function| mt_add_google_send_stat function| mt_send_google_statistick function| mt_stat_get_connection_type function| mt_stat_get_os_type function| mt_stat_get_device_type function| mt_stat_get_browser_type function| pb_m function| pb_d object| mt_outdata object| mt_words_dict object| tag_templates function| mt_statistick_tick function| mt_add_ticker_statistick function| mt_send_ticker_statistick function| mt_set_timing function| mt_have_timing function| mt_round_timing boolean| p object| pb_t object| PublisherCommonId function| onYouTubeIframeAPIReady object| gaGlobal number| pb_5 function| setImmediate function| clearImmediate object| ID5 boolean| element_in_viewport object| pb_10 object| au undefined| google_measure_js_timing object| mt_google_history boolean| mt_google_collector_activated string| nam object| placementData object| mt_throttle_timers object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| mt_google_stack object| cmTag object| GoogleGcLKhOms object| _cm_wfCounters string| lastWfUrl object| _mNDetails object| img function| MtBts function| metric object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category number| lnt_z number| pb_0 number| mt_time_old function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer number| mt_time_new object| google_image_requests object| mt_pb_history boolean| white

29 Cookies

Domain/Path Name / Value
ultrasurfing.com/ Name: _uc_referrer
Value: direct
ultrasurfing.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEwxKL1ogY4AUABSAEQxKL1ogYYAA..
.adnxs.com/ Name: uuid2
Value: 920203302470529155
.rubiconproject.com/ Name: khaos
Value: LHJL833K-X-BAF5
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB36CzFn7vBsnD5APvdogVCbaTd6KyMQnau+SmvwaNDOnrCDJ0KFx7EI9o4CW9FCQy2O1cY3TuAeAeBxGCOXoSK1qthgj1jQEsHc6UO785F0Pw==
.prebid.a-mo.net/ Name: __amc
Value: 1_1683837252_1683837252
.ultrasurfing.com/ Name: _ga_Y4YW22RJ0K
Value: GS1.1.1683837252.1.0.1683837252.60.0.0
.ultrasurfing.com/ Name: _ga
Value: GA1.1.984528084.1683837253
p2.gcprivacy.com/ Name: gcid
Value: bcd1bb96-25fb-488b-abd4-ef09bde7409d
ultrasurfing.com/ Name: gcid_first
Value: bcd1bb96-25fb-488b-abd4-ef09bde7409d
.quantserve.com/ Name: mc
Value: 645d5144-bca89-13313-88582
.ultrasurfing.com/ Name: __qca
Value: P0-236487220-1683837252419
ultrasurfing.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D70b8eb89-f854-4e49-ba2f-c2f49ddc67dc-tuctb56d6c4
ultrasurfing.com/ Name: _lr_retry_request
Value: true
ultrasurfing.com/ Name: _lr_env_src_ats
Value: false
.liadm.com/ Name: lidid
Value: 1cd57f98-697e-4286-ad31-e9235de8f983
.neodatagroup.com/ Name: cProfile
Value: AQMQGQrw3gWbAAAAAAAEAAABiCEe6G8AB2RlZmF1bHQ=
.ultrasurfing.com/ Name: __gads
Value: ID=5c972813ee17eb56:T=1683837253:S=ALNI_MZg7ZRSEUkHcjPHPIVHWxjZByB_xA
.ultrasurfing.com/ Name: __gpi
Value: UID=00000bf9945b59f2:T=1683837253:RT=1683837253:S=ALNI_MagJeWgAmqRVR33ug018OE4rIYQVQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnJ2Jf3msuU9oVugqGcoR01HOvyavUzp30OtuJk-dgtp9gHU-RBeqs2YSmug5E
.neodatagroup.com/ Name: cP
Value: ARsDEBkK8N4FmwAAAAABrDjS
.neodatagroup.com/ Name: cOptout
Value: 0|yocToken:H59YMWuxBInkdbg2AFxU7Nn6Zhg
.mathtag.com/ Name: uuid
Value: f97a645d-5146-4100-9823-aa4f225e7af0
.yahoo.com/ Name: A3
Value: d=AQABBEVRXWQCEBHrNJqNOut7avh8ZYL9kPwFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAj3B1cLVdGlsmrxZNQoE_z4
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.mathtag.com/ Name: mt_mop
Value:
.doubleclick.net/ Name: DSID
Value: NO_DATA
.neodatagroup.com/ Name: tr
Value: loCAwIKjREJNzmReosapTUVESUFNQVRIzmReosiAg9oANDMxMDE5MGFmMGRlMDU5Yl9mOTdhNjQ1ZC01MTQ2LTQxMDAtOTgyMy1hYTRmMjI1ZTdhZjDOZF1RSNoAKzMxMDE5MGFmMGRlMDU5Yl9DQUVTRUxTeG9kMUZ3clFRQ3Bwdlc4bEg5TGfOZF1RRtoANDMxMDE5MGFmMGRlMDU5Yl9mYzQwZTZjNy0xODQxLTQyOTgtODM5ZC05YjhmNzMzZDE3MjLOZF1RRg==

7 Console Messages

Source Level URL
Text
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2037571623&i6=2a03:1b20:6:f011::4e&r=http%3A%2F%2Fultrasurfing.com%2F' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2037571623&i6=2a03:1b20:6:f011::4e&r=http%3A%2F%2Fultrasurfing.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idx.liadm.com/idex/prebid/any?resolve=nonId
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a307d042974bbc1ad718c8560d165497.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.neodatagroup.com
cat.hbwrapper.com
cdn.adnxs.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
ghb.adtelligent.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imprammp.taboola.com
increaserev.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lg3.media.net
match.adsrvr.org
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.mathtag.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
qsearch-a.akamaihd.net
region1.analytics.google.com
rt.marphezis.com
rtb.openx.net
rules.quantcount.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tempnextstat.bcovery.com
tempstat.bcovery.com
tlx.3lift.com
tpc.googlesyndication.com
tra.neodatagroup.com
tracker.neodatagroup.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
warp.media.net
wf.taboola.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youronlinechoices.com
x.bidswitch.net
api.rlcdn.com
c.amazon-adsystem.com
cat.hbwrapper.com
fid.agkn.com
104.111.217.42
104.18.24.185
13.32.119.77
13.32.121.37
141.226.224.32
141.226.228.48
141.95.98.64
142.250.186.130
147.75.84.158
151.101.1.108
151.101.1.44
151.101.129.44
151.101.65.44
162.19.138.82
172.217.16.134
178.128.135.204
18.194.247.115
18.66.122.63
2.16.241.19
2.18.233.201
2.18.235.93
20.101.38.191
2001:4860:4802:32::36
212.82.100.182
213.19.147.43
216.52.2.91
23.205.176.78
23.212.88.20
23.35.228.23
2600:1901:0:8344::
2600:9000:223c:6800:6:44e3:f8c0:93a1
2600:9000:223c:8a00:6:44e3:f8c0:93a1
2602:803:c004:200::140
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:7e
2606:4700::6810:84e5
2606:4700:e6::ac40:c516
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9a
2a02:2638:3::c
2a04:4e42:400::300
2a04:4e42:600::485
2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba
2a06:8640:454::2
3.73.41.176
3.75.62.37
34.107.148.139
34.117.132.248
34.149.70.130
34.254.125.132
35.186.253.211
37.252.171.21
37.252.171.52
37.252.171.84
40.85.112.191
44.205.127.242
44.213.190.84
46.51.163.206
51.75.86.98
52.222.208.154
52.223.40.198
52.23.141.230
52.58.235.64
54.75.237.72
65.9.66.122
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
00b14a5e4ae80b77283603d47e4ea2c2d560fba1be1117b68089594472ad6f28
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
041fae49bdc332d692b89d7d8c708dfb28f175d10cddaf1959c1bb46ddd4d3c5
047e347a8ec91fafaa9b2679f53d0f2ff3bb5a7dec4ff54f1003599652cb3956
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0986f60f970d2489a3f4bb0b9c8250b7cab17556acae46f95c6a51a6a20e9db5
0f6745354da9c7a7f633c9cfb55ca9f3c83ac1cbf5e7f8080e055b21e65fd745
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
135d83e67c4f18083b3b08d487756caac6722b78b507f63bc663b3301f32b670
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1970cd7aee0ad2d02f90fd0d1fd6e7bd0932794e6973cd1264a161b978694478
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cbc6426b069330c054993f1c434f91e2bf464ad386236d1b557483d7baa4dd1
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f
23632e7b14909669606c1fcb4918fd150bb663961b99e010615918a39d6bd1a2
26e2ab941160a7e8244df2de1737a97747fd85f3385f1a1257d632cb89c16954
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2a48dfc97ac2c2850db1532c61824c9b307b01b8a1ef2849f2f53ab4a01fb0ad
2b52017bc5d7d1528e3f56ed9c1731773f2e42e131ecf888f7bcbd262f17e7c3
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
357d451ba51323303d179a2abecbd9a78cce9a6458d7a604007a180d92ca72e0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
381f1a1f0167a6aae2158545e29b1fd018e0d77ccb6acc2af86d4b1f0feb79d2
3857634543824c46b5f1f435e9375e75e0ad96b16d9bf4525e54f0f14bfb25e8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c6a9ccc522188d4745ca6d4ff809131467bcad0e3c925085b71960e9771ac45
3da4a4b1e17b7152831eaf249f52db7f801324173ed922109c68f12d1d47c8c6
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f44586d889797db034c2d2358726f8032fa570a850a086a20d683b837b6560c
3f5b2f50d50334b13c63616588d6fbf517a7ff4d259742693aaafede954f0145
3f8cc133b23963951a3967fd8d159a5dc7abc5c9778d027d5b7da05f284cb97c
42b83c17384dea542921c18a2974d3a562173dd5d58cd585a8274499345f6779
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45702888e715067a6eb82ab454ea9938b6b3f043b18044987988a7ec69e27bb6
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c8e4601ccc3c7b4f8a900390a768690a91ec0bf18fd362fe4479c2a9de6434
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48ebb1624fe4977e9d535d2cc561abd81631ac25049888f53ab342c15e2c98b1
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
4b335f65a9002e20099c1f16c441802677a12f17dfffa2a8a313e92bb46b2d41
4b44533d0c5f7b99883115e37633b2bb346aaa6b6e5e5fc171e798018fad8732
4c15edfbcd1b7a2619a909234dd48a5ed963716a34e5c32f6dd1a7a120f5e265
4d02b8a884a3533a2423cda2af6cde31ac62acae1b8afb87604ea47205fadd84
4d19ab81e7d6227fdeb69c10352b2b755d740d71b0174f71096b5678386ad3e2
50ac7f22b51e7f975fc7c9ccbc24227fa77733b877c2e66fe0a95792bce2983d
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564522bd289cbf39daf5290cb12afd0b813a9c0bbe81e086e76998da2c9b23a9
57dca8dcf6bbb387a2532c5d179238036d64ab7e0e72d1d5a1c2f1e89d3c3436
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6278300ca6d782967a99237baed59057a5c00d1c240be683b1e639798c08c7fb
6572d645979538e657c8eebb05a54633ae32b38bdf06daaa145bd4f8f3b2713b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
675cd2113004b1b2ac3202cd9348583957f9ca63293d91a1211ae2f2b7d05254
67b81a5483b884523dfc5eeb0358b1e9cdf3054489ee4bc807321fcd0d94786a
68d5c13d67b82affc230308bf302228324589cf949a6bbdcb9ce5bf831e60adb
6aeb1571eb0583d914b38dd995eb56112508ae859c6fe5e53a240d2cde15a73c
6b3131a78a372947a287ca52a713f2743e6327fd49308f666c3c7cadf684e36f
6b7b5160edafc088498a26597d7800cf100ea42cd3a12fb8e37cfcfa54e7a68b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbfb98421eefd392e46bafb2f383f29914c539ca2a9fed166eb45b66ac3a340
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0
6da7543e40096edd164b32094a1a2fca2a40d50b62f27f34345b0aaa771bf973
6e9c40bcb1a03b5748a36ee6be4324ebf6eec01c011db36c99f447b789c1e8fe
6fe29c8d20e555a4ec3981a24a9c7161ba0f6b09c00ba97bc4fa747de7d4327a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ec91d1e957c0a32c3911b890becde15ec296f6672e55cd0f0e0bd918a42928a
7f6a1daab5bd5eece66cb47c368879454d07f309076d7ef81174b839b6727414
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80740daf68e1f4b4dee26e9170c65ae4229fcf65bcac16c4e0169f4519127868
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
850db36fa7d3391441934a0dd53fd23565b6aa473490306851ff7c8a7ee45cfa
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93752866e697923600a45a3eb842caada082a99e39ae203967c285d70867511f
93a1d1a868c3dce12f92697f85b040edd1682909116dd49c6350642cf8964235
9457f927fff4ba90f3cca9cb46adc374d4831d0c874a2d7da360184a97d318db
9628677ca7c9da531f5ad0cda5de5cd9670879d2ba0a99f7a29b53ab85cb03e5
9831b282c3482dac51c808568a1c54d0d135ceacd48e1228cd7559e5b50c1bfb
984974b85250965fb864f580aee7f46131ea97e843e21b58289513e33685c31b
99207a6dba899f1022d366c5f82f4d46ad0201804b792f9982b0a02d850a81f2
99cde5144dcc918f1f9fe5195285b022d3fa9f549044ba8f9115bd309f39ee39
9a36f8a91eae717d981df66f4ccd68786cec5d83de3b21f9378551388cecfcd9
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9d7a957eb528dd2b69aa5819f48434fe932722764b636fb1dce56dcb46cd46a9
9dd5d6a7427a004c65db35043d00803c66e4a997d75840440ff670a5adbcde67
9f77ab9caba51216bcfa68403730f8c2b0b3426f78aa83a7b10287d7fa708176
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a39d0ddefb193b5bb0551b127febb9461672197e195b7ccf9aed8b465580eaf4
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a3b7b1a286b592ea87cec838662e9841266b255a4754f3ea835d5f01b7e36b39
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50bc3a8e3e0aac4ac3596f5a0becb922c7499ba33bc2389e88de028ef50d956
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a71f5b997ffb9327f0e738dc7f947b7c56d12235171322fa58e781cdef9fea29
a8c7af98a343460cc0320f4f5a5bf266e86619b2cdd23d787dab758269439daa
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab5a5efb74050059bb5fffb479cfcaeb3b33eee913543e0512a8f4a7bdcc2cfd
ab65df6d93c8d3520d4d9be429ed4e0c75efd6cfcc0035264bc0fb4ca602f67b
ae7673c07b432af8a15f755fc93fa4b92c7a4202bfd6fc85b086885fa4973622
ae86f4dd65c4e172b6835e3ca7199ba5775404599a4a4ddafb1df68280c4fdcb
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b09b366c27f31a798adc5d47c57fa03f23a3f0ef6c0f9bfec8d8ff67279e3252
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2801765f598e412092fcea371c1e7e1c1eca752fa1e7750ba69758af2740379
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b3d36092c1113ab49bb1fdafec5b99cd5c0bdfc2a74828d46a088a95a057bb2a
b44d59b6d0e3be9260bffad9b7dc048a60ca8fc93f82e05e49b0a465c45fe579
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264
bbc2786e581a3bd7580ef0d0dd40a4eead8c9c7401839af85e31ea22f95cc92e
bd8ca82a2e1c5ce003714f3037c16ca0ad98580c58498ecde003f233364d2317
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c5f4068707ae8a4ea8d64c8e4e27e1c1047c9f497e98df216d84b39aa5d87ba5
c645b2297568c10fd6b2a345d2cda9abd7e1266845d2778be66216342cefabc9
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8e539c32bfbcd62f3df27531a558077a11e7fc6dc08b6abfce524da6220bda6
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ceec3aa04199149a6578595541ce760e047dfb5118b077b9882559a5fee24837
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d23163cec3ffaff234a508d70ad3ad20d0fad41a922d79639ae0eaf59b71af88
d2c75b6981775f00c5233cda525d0105181a31fcab1ddc0f6d674e11c18bc77f
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d5ec6037ab4fb471bb444bd2a4b170f3ce9f098c6c06675032e71719e8963bcf
d6322ac057fb2fd7c1d84bfce01197559c6ce6ed543009dc2b5b5ac62cabafa8
d74a4e252e1059a11ff1392a9e260f29593eb1ceca0d42e1c1f5fa0894eae717
d8f72ee0fb18a8de1ee11d20d81bf2b83c24254df8f11f55fb4e56b78d322327
ddd4968084c794b22b923d972baa11298e5a6a7bb2289613bc3e70bb6e6076e6
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0ebd7715e5637894606d95df4c069ee85b311457767b21a73a02a2f127df738
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e31e19bcf1d1ad6075e43816f250b814cd4bafde0510de88d930d24b196accc6
e3ab0fc293f6ed37378c828063216385b51bd9396900f10018cdc38a57e0292e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e406fb4f7dbfce57c33d912e59ee75eba5df2ac5fff4ba73fa401712ce99c742
e55cd3cd9f6482e766364d3c2e50de3508709dd5832e267f9ae80806938b000a
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09dffd34fa1f5e0b6ee3573fe7ec4ab2aaaf2974252f14cfa7a35bf6be74729
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277
f21a91e571aeff941f70b1bf65d0e933ae90660f880db40f581868bb4cc3d079
f5ad649aa54da9be1d6a397bcef06b6424a2798a6fceb44d3421aec357ac9d17
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7fd2120b697beb25fb623a3e4388028c34d418ab149779669956e9053bc1c0b
f92c342fb7abf81a360832f55d3df80b35b51ee667b7337f2ef9ef519175cf91
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe9a408a74a41daed123477ed0ac0042f6962731de035d3bdebb54e23fda4527