urlscan.io logo urlscan.io
SecurityTrails logo

ultrasurfing.com Open in urlscan Pro
2606:4700:e6::ac40:c516  Public Scan

Go To Rescan Add Verdict Report
URL: http://ultrasurfing.com/
Submission: On May 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 79 IPs in 10 countries across 52 domains to perform 310 HTTP transactions. The main IP is 2606:4700:e6::ac40:c516, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 338016.
This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
85 151.101.1.44 54113 (FASTLY)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
1 4 52.222.208.154 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.105 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
2 2606:2800:233... 15133 (EDGECAST)
2 213.19.147.43 26120 (RHYTHMONE)
1 18.66.122.63 16509 (AMAZON-02)
1 9 37.252.171.85 29990 (ASN-APPNEX)
1 216.52.2.91 30282 (AS-INAPCD...)
1 51.89.9.253 16276 (OVH)
1 147.75.84.158 54825 (PACKET)
1 54.75.237.72 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 18.184.127.5 16509 (AMAZON-02)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 18.194.183.76 16509 (AMAZON-02)
1 62.149.23.112 15497 (COLOCALL ...)
1 34.107.148.139 396982 (GOOGLE-CL...)
3 2602:803:c003... 26667 (RUBICONPR...)
1 178.128.135.204 14061 (DIGITALOC...)
1 52.222.209.4 16509 (AMAZON-02)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
1 23.205.176.78 16625 (AKAMAI-AS)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.204.157.234 14618 (AMAZON-AES)
1 35.171.180.138 14618 (AMAZON-AES)
1 108.128.23.9 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 162.19.138.120 16276 (OVH)
12 141.226.228.48 200478 (TABOOLA-AS)
4 172.64.103.36 13335 (CLOUDFLAR...)
2 34.117.132.248 396982 (GOOGLE-CL...)
3 162.19.138.119 16276 (OVH)
1 2 142.250.181.230 15169 (GOOGLE)
1 2600:1901:0:8... 15169 (GOOGLE)
1 44.209.73.107 14618 (AMAZON-AES)
1 46.51.163.206 16509 (AMAZON-02)
1 104.111.217.42 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.65.44 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
5 35.71.131.137 16509 (AMAZON-02)
4 2a05:d018:d29... 16509 (AMAZON-02)
1 52.28.75.191 16509 (AMAZON-02)
4 8 20.101.38.191 8075 (MICROSOFT...)
1 7 2.18.233.201 16625 (AKAMAI-AS)
3 5 142.250.74.194 15169 (GOOGLE)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 3.71.149.231 16509 (AMAZON-02)
4 23.37.63.179 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
15 2.18.235.93 16625 (AKAMAI-AS)
3 2.16.202.121 20940 (AKAMAI-ASN1)
12 23.35.228.23 16625 (AKAMAI-AS)
12 37.252.171.22 29990 (ASN-APPNEX)
3 151.101.65.108 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 8.43.72.97 26667 (RUBICONPR...)
2 4 67.220.228.201 16509 (AMAZON-02)
6 23.212.88.20 16625 (AKAMAI-AS)
3 23.32.184.180 16625 (AKAMAI-AS)
5 6 69.173.144.138 26667 (RUBICONPR...)
1 2 52.46.151.131 16509 (AMAZON-02)
1 2620:109:c002... 14413 (LINKEDIN)
310 79
16    2606:4700:e6::ac40:c516 (United States)

ASN13335 (CLOUDFLARENET, US)
ultrasurfing.com
1    2606:4700:20::ac43:4a72 (United States)

ASN13335 (CLOUDFLARENET, US)
increaserev.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
85    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
vidstatb.taboola.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
17    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
c.neodatagroup.com
2    213.19.147.43 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
p.gcprivacy.com
9    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.75.237.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-237-72.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    18.184.127.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-127-5.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    18.194.183.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-76.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    62.149.23.112 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc86365-06.cc.colocall.com
ghb.adtelligent.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
1    52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    2600:9000:223c:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:223c:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    23.205.176.78 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-176-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    52.204.157.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-157-234.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    35.171.180.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-180-138.compute-1.amazonaws.com
p2.gcprivacy.com
1    108.128.23.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-23-9.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
2    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
12    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
4    172.64.103.36 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
2    34.117.132.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.132.117.34.bc.googleusercontent.com
tempnextstat.bcovery.com
3    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    44.209.73.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-73-107.compute-1.amazonaws.com
idx.liadm.com
1    46.51.163.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
at.teads.tv
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
imprammp.taboola.com
wf.taboola.com
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    2a05:d018:d29:3605:e341:f6b2:dd43:a873 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.28.75.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-75-191.eu-central-1.compute.amazonaws.com
x.bidswitch.net
8    20.101.38.191 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tra.neodatagroup.com
tracker.neodatagroup.com
7    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
3    2.16.202.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-121.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
12    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
12    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hblg.media.net
3    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:109:c002::6cae:a14 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
100 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 990
trc.taboola.com — Cisco Umbrella Rank: 657
vidstat.taboola.com — Cisco Umbrella Rank: 2777
am-trc-events.taboola.com — Cisco Umbrella Rank: 16166
trc-events.taboola.com — Cisco Umbrella Rank: 1941
images.taboola.com — Cisco Umbrella Rank: 2040
imprammp.taboola.com — Cisco Umbrella Rank: 14139
am-match.taboola.com — Cisco Umbrella Rank: 14462
wf.taboola.com — Cisco Umbrella Rank: 2914
am-vid-events.taboola.com — Cisco Umbrella Rank: 13263
vidstatb.taboola.com — Cisco Umbrella Rank: 5371
am-wf.taboola.com
7 MB
34 media.net
prebid.media.net — Cisco Umbrella Rank: 1430
contextual.media.net — Cisco Umbrella Rank: 635
warp.media.net — Cisco Umbrella Rank: 2557
lg3.media.net — Cisco Umbrella Rank: 5916
hblg.media.net — Cisco Umbrella Rank: 2153
413 KB
27 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 440
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8816
cdn.adnxs.com — Cisco Umbrella Rank: 1649
acdn.adnxs.com — Cisco Umbrella Rank: 611
165 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
174 KB
16 ultrasurfing.com
ultrasurfing.com — Cisco Umbrella Rank: 338016
108 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113
token.rubiconproject.com — Cisco Umbrella Rank: 600
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
26 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
41 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
121 KB
10 neodatagroup.com
c.neodatagroup.com — Cisco Umbrella Rank: 29625
tra.neodatagroup.com — Cisco Umbrella Rank: 25893
tracker.neodatagroup.com — Cisco Umbrella Rank: 28041
20 KB
7 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1097
6 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1102
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
4 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 4299
2 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2767
a.ad.gt — Cisco Umbrella Rank: 3173
4 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
id5-sync.com — Cisco Umbrella Rank: 444
19 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
804 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
158 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2195
888 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1195
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
12 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4217
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
208 KB
2 bcovery.com
tempnextstat.bcovery.com — Cisco Umbrella Rank: 123119
83 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
804 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
455 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1077
1 KB
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 972
x.bidswitch.net — Cisco Umbrella Rank: 324
386 B
2 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 25748
p2.gcprivacy.com — Cisco Umbrella Rank: 22560
10 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 755
163 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1129
pixel.quantserve.com — Cisco Umbrella Rank: 945
10 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5171
adservice.google.de — Cisco Umbrella Rank: 7680
939 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
798 B
1 teads.tv
at.teads.tv — Cisco Umbrella Rank: 4895
338 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 4194
474 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2041
250 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2665
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1194
17 KB
1 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 17746
172 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6379
2 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 533
555 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
569 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1307
258 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 661
225 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 983
278 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
363 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
503 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
1 KB
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 125
454 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 17836
260 B
1 increaserev.com
increaserev.com — Cisco Umbrella Rank: 135140
171 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 agkn.com Failed
fid.agkn.com Failed
310 52
Domain Requested by
52 images.taboola.com cdn.taboola.com
21 cdn.taboola.com ultrasurfing.com
cdn.taboola.com
16 ultrasurfing.com ultrasurfing.com
15 contextual.media.net increaserev.com
contextual.media.net
ultrasurfing.com
12 fra1-ib.adnxs.com increaserev.com
ultrasurfing.com
cdn.adnxs.com
10 securepubads.g.doubleclick.net increaserev.com
securepubads.g.doubleclick.net
ultrasurfing.com
www.googletagservices.com
9 lg3.media.net ultrasurfing.com
contextual.media.net
8 ib.adnxs.com increaserev.com
acdn.adnxs.com
7 pixel.mathtag.com 1 redirects pixel.mathtag.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 hblg.media.net ultrasurfing.com
6 am-trc-events.taboola.com cdn.taboola.com
6 trc.taboola.com cdn.taboola.com
5 cm.g.doubleclick.net 3 redirects eus.rubiconproject.com
5 tracker.neodatagroup.com 3 redirects
5 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
4 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
am-match.taboola.com
4 pr-bh.ybp.yahoo.com am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
4 metrics.getrockerbox.com cdn.taboola.com
4 gum.criteo.com 1 redirects increaserev.com
4 c.amazon-adsystem.com 1 redirects increaserev.com
c.amazon-adsystem.com
3 acdn.adnxs.com ultrasurfing.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 cdn.adnxs.com increaserev.com
3 warp.media.net increaserev.com
3 qsearch-a.akamaihd.net increaserev.com
3 tra.neodatagroup.com 1 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
increaserev.com
3 id.hadron.ad.gt cdn.hadronid.net
increaserev.com
3 fastlane.rubiconproject.com increaserev.com
3 www.googletagmanager.com ultrasurfing.com
increaserev.com
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 s.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 am-vid-events.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 ad.doubleclick.net 1 redirects
2 tempnextstat.bcovery.com ultrasurfing.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
increaserev.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 rules.quantcount.com 1 redirects
2 targeting.unrulymedia.com increaserev.com
2 c.neodatagroup.com ultrasurfing.com
c.neodatagroup.com
2 sb.scorecardresearch.com cdn.taboola.com
1 am-wf.taboola.com vidstat.taboola.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 vidstatb.taboola.com
1 www.google.com tpc.googlesyndication.com
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 secure.adnxs.com 1 redirects
1 x.bidswitch.net am-match.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 at.teads.tv increaserev.com
1 id.crwdcntrl.net increaserev.com
1 idx.liadm.com increaserev.com
1 lexicon.33across.com increaserev.com
1 a.ad.gt cdn.hadronid.net
1 trc-events.taboola.com
1 pixel.quantserve.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 p2.gcprivacy.com p.gcprivacy.com
1 cdn.id5-sync.com
1 cdn.hadronid.net ultrasurfing.com
1 tags.crwdcntrl.net ultrasurfing.com
1 secure.cdn.fastclick.net ultrasurfing.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 rt.marphezis.com increaserev.com
1 prebid.media.net increaserev.com
1 ghb.adtelligent.com increaserev.com
1 tlx.3lift.com increaserev.com
1 htlb.casalemedia.com increaserev.com
1 grid.bidswitch.net increaserev.com
1 rtb.openx.net increaserev.com
1 ads.yieldmo.com increaserev.com
1 prebid.a-mo.net increaserev.com
1 onetag-sys.com increaserev.com
1 ap.lijit.com increaserev.com
1 p.gcprivacy.com increaserev.com
1 secure.quantserve.com www.googletagmanager.com
1 www.google.de
1 cdn.jsdelivr.net increaserev.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cloudflare.com increaserev.com
1 cat.hbwrapper.com increaserev.com
1 increaserev.com ultrasurfing.com
0 api.rlcdn.com Failed increaserev.com
0 fid.agkn.com Failed increaserev.com
310 97
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-26 -
2024-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
cat.hbwrapper.com
R3		 2023-04-02 -
2023-07-01		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2023-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-01		 10 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-02 -
2023-07-01		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
sni8045gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-09		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
getrockerbox.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
tempnextstat.bcovery.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
neodatagroup.com
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh

This page contains 26 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: D0250EA517599FD45C3B241244773DEA
Requests: 198 HTTP requests in this frame

Frame: https://c.neodatagroup.com/ps-topics.html?sid=2033
Frame ID: 1D6E704A77ED6EDE88EA8A04ABC3DA5F
Requests: 1 HTTP requests in this frame

Frame: https://1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 09E111702973E8A1E6B2B8B1C2556FAD
Requests: 1 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683836588904&uv=3275&tms=1683836588904&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b90f49b-d964-4d3a-9a76-841ea07329ae&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 27D706DFDB15E300AFF454B4E7B73B8F
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4C5E202D727A2F7199B0C96819CD3E9D
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 6C37979B159C9A9C5FBEFF812561368F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E93B308138830DDC3947DFA7C8D0253
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D8BCB53AA55C3735B916FEA666B87960
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 9EA69728DA298B4913F16598822DF572
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNDwM__1NZpEj1zY2unUQ1cTT6AGWlskCUBPJc_-x5rRMRntIm5agGfRLvShkLudMI-YO5No_bL-Xlow4DJcYtam9JbBRQ60p7rbro3WGDrEV2jYaLm9mpZJ71gT_b22L0w71aMPt_ayIbG1p5r5t5uAAd5dzQdAZ91fBjJzXazVKeMYex8D872GveKWTkoRkpD54KDox-0sOuTV31LWlDWKWFAboHLO3d6OmvlVEdxsdnibbZILDyiVh5ly-dADZab7I_Rlehb3RcMfMI0QJeliU0hRSfLs3sv7EUIcXP9ZO1W_WtULjMOBT7txFeJi8lUJ7BvSYw3bRSx02I7ShpmLMCfHA&sai=AMfl-YRIVIA6nMB9buNhbWKm5Oy3HLgZQtdhfiOMK4md4gr9sR0Mh8yw3UBZpDsSNjVJnPhBCt8LmAM7y08iBx_Omx7oMkV31fkgrmx6cM0XBpzaidwtq2nKWaJm9H1mzGUbXarD4gum-kiVHTpXE4nq&sig=Cg0ArKJSzHHL-VBL9XBREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9AF6732C29F06043DB8AF738332FF39C
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJiy2YPoIrnx8Pc-kSJ8psaC7dXSqOirk3JuqcgRptyFj8_NwBj7YbbeXfekjyNhgyKCpHWt9QNFPR3kJQmypjy38LpA2gHBWru2EK7UukdhDsbr8n0HsAYyraFcFy25p1OgiPP9DrXrVm5m9_72zhMYl1S7NirAbMHi4ILcU_CoAcuu_9LpE205Zd9J8N6Gl51B00BJ-FG73wqnC-B0-nBSXH-maBMx4vUdsjQWJ-J0DkTyETCYrykyWyzFnOoRtV230nMluQb2nUWt4LcbkHsqPDWs3QirTe5p3cNYaXk5IUpx6iUmC88_1QOlBnBVeV390JdD1eiiZep-_kyLEptw&sai=AMfl-YTtdfuYMMZ-7TlHYUoBHPTH7hLH6Pb32gQy7HrNe3Uhzkk0a3qunWiTv0DPlpJ77-Wwl8DtcqQchEX0uB0tBqj5CHRmK16aoQUTY99e5YjZwRmOrMGCmtGkKyTbkxCV27dztmlUHOtxq-qOVmz2&sig=Cg0ArKJSzADlx29c6JvvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FFF283E25DEB250E5C05FE337D5DC675
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJAuTN6cnRP140UYiEPEDXolq0BzqqccaAvxU-Fp_zwqDzEQPWBsoDaIZYtppp60N0MeBnQ_nF0I8bUz2HxKOzQm0ChSiHDMpsVydGHjhalBJxeELeOO0amB4efAcmIXcOUB4Y2c6ePcH_wV3e510a0gk8SdkoJRitTuoSmC0Mg9qgngcrpucc1jtxWGkU0ayjMfwCzvkEGyh2tPVqkovLXYJ46Ndq2wmdNuHNnjMc71SkxeOgLSZU_JYxYJY8anOFdgo5zZXOmmZcAjo8XyHIlYhyFGgi7R-hcCteq4vEyON1aGLtF03P0DGhYbb9w8YvOPPFGBmvzL_F5oZuiPo9&sai=AMfl-YS5vOjkwHCsY_1qDXpYIjUGnxAn-Ezn0Pu8jg__-A_7WvRh9WIqkCoqDJCoECi6NHLUrmSacl6rtc_MttFWbA7ORn3UsEM9G2GjmdlkwHW-agAXFKHheorzrfbTxt53DW7MESQLdNZrSjaG7Npb&sig=Cg0ArKJSzODx_KXevYVcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5C59C21BCAB3469A0F6BFF01CDBB23A6
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F066D034D13A0FA1FDF57FA69E01B46E
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
Frame ID: 2BDEA6DC143FA2FEE92A6F48AD0C446A
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589609250702&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: 725C3A0B02979E798B85F7B86303D953
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 1E693A4EBCF9C349657DB8CE7C6E5BE9
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: FC0BC7222BCC2CAE5632295325324C66
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Frame ID: C1EBC910E3EC3B7E623A3BF99B4B3A45
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589300891769&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=487003955&size=970x90&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: B0C0BC732B021F5013E61EF51E8FD663
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 25EF7BB3316F5C7318D7FBF0CF23903A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BBFBBBFAB53955D3ABEE7726E0742600
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Frame ID: 6B1E730CBDD83F3318563A5C61DE0C69
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589150294967&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: 7EAB91B63C3585A94CB9E491F573868F
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: A7855A5DC52925246912011BCA6796F7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 026C04B9312370B295366CDA2C20F383
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Frame ID: 11E20C7CF0A763E389DD3815BEFC67B8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ultrasurfing.com/

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

310
Requests

83 %
HTTPS

34 %
IPv6

52
Domains

97
Subdomains

79
IPs

10
Countries

8898 kB
Transfer

14230 kB
Size

34
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://c.amazon-adsystem.com/aax2/apstag.js
Request Chain 59
  • http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js HTTP 301
  • https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Request Chain 60
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Request Chain 65
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
Request Chain 132
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CPH_742M7v4CFRqH_QcdayIJ1A;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Request Chain 190
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=532834265261&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=5dace1aa-4b46-443a-90ac-9a06b95493e5;pubcid;PublisherCommonId&pbs=true HTTP 302
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=532834265261&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=5dace1aa-4b46-443a-90ac-9a06b95493e5;pubcid;PublisherCommonId&pbs=true&neoid=31018f6a942059f
Request Chain 191
  • http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261 HTTP 302
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261
Request Chain 192
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=532834265261 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=3595731012829818103&rt=img&rnd=532834265261 HTTP 302
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=3595731012829818103&rt=img&rnd=532834265261&neoid=31018f6a96005d9
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=532834265261 HTTP 302
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=532834265261&google_gid=CAESEOWbr0r8Yz1I5ZyJg_AzdMg&google_cver=1 HTTP 302
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=532834265261&google_gid=CAESEOWbr0r8Yz1I5ZyJg_AzdMg&google_cver=1&neoid=31018f6a990059d
Request Chain 195
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=532834265261 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=532834265261
Request Chain 236
  • https://tracker.neodatagroup.com/cm?eid=31018f6a990059d&pv=AMAZON&sid=1&rd=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Dd0592a87-ff14-499d-9eda-8641b59e11c0%26id%3D31018f6a990059d HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=31018f6a990059d HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=31018f6a990059d&dcc=t
Request Chain 256
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nd583fFZPp3l3twcIlc4AA?csrc=&gdpr=1&us_privacy=1---
Request Chain 257
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENCD0UTa4VWDeD_3mcnfZ14&google_cver=1
Request Chain 260
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhKS1RVSkctOC04SVU2&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEC-NWGOU2KvuiHd2dEf26G8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKS1RVSkctOC04SVU2&google_push=&gdpr=1
Request Chain 261
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJKTUJG-8-8IU6&gdpr=1&us_privacy=1---
Request Chain 262
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2U5NGFlMmZlZTYwOWQzMjEzODE3MDFkN2FkMjgwZDllNjE1ZGUxZQ&gdpr=1&us_privacy=1---

310 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ultrasurfing.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8607e1a4e91b94c0c9bb21175b755ee84a1a422bcea0866cf376dde9237f5829

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7c5d234acd2e3a97-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 May 2023 20:23:06 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwjQMDs7P%2FxOeLGwdFSsOwvh85ZJ1iLrco8xgkRvqO2vZ8K6GWUU2ktqmtY2C17MSCzuRpZkpAte6o%2B1Oq1uDpkZkcvpoOzHWDdoNhGvenx2rtwZ4k3u9tpLCraELCHRW0lZLoQSq7K%2BULJvnAPC"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reset.css
ultrasurfing.com/css/ 		773 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/css/reset.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=1050
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
W/"5f9a61f5-41a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrriHJfXGgRPB5XjYumCaaZ1p32DV%2FwlTIA9RVgEHAzvuZq5HsB38rZvBAv41T7xquxB%2BN%2F2UGTCQH8XrBptGXColdlxlUNc3QNID6heLOV4XvYjOeQKb9FVlUeI0X7XNOTnhYPGaWAcLjorgIV%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
7c5d234cbfa43a97-FRA
style1.css
ultrasurfing.com/css/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/css/style1.css
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3679
Cf-Polished
origSize=19154
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Sat, 08 Apr 2023 04:57:00 GMT
Server
cloudflare
ETag
W/"6430f41c-4ad2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlE4Mv3y4g5y4J4BGpEFR7GO4nXD1zUf5qSpDu1gWZPDQLg8ara4oCurvtOS%2FWCmzJ7SKUMPzZUMSdjCSrd9EqIKjwDXZ4WYCKZCZjwTITyF%2B88ml99TiF9Xf%2BYIqHLku%2BzaIPRuOtQBLPD3DznV"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
CF-RAY
7c5d234cc97a3621-FRA
75a5acb2_photo0_610.jpg
ultrasurfing.com/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/75a5acb2_photo0_610.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09b366c27f31a798adc5d47c57fa03f23a3f0ef6c0f9bfec8d8ff67279e3252

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
32518
Last-Modified
Thu, 11 May 2023 20:21:01 GMT
Server
cloudflare
ETag
"645d4e2d-7f06"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMmPNH0oZDDgNfWvwBzz2zMBnQLQWITQzxVNOU2n%2FZYttdVzTzHq3oQJzqnwcyGzxfgoLa5TdYsmeDkukEpZqqO8TlPLdMjd0QgDCRzRDa1yeR30EioUiEb8TserAkx82iRwc0yFIl51eeAD4UP5"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234ccf62927d-FRA
Expires
Fri, 10 May 2024 20:23:07 GMT
1e2a5b5_photo0_190.jpg
ultrasurfing.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/1e2a5b5_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b335f65a9002e20099c1f16c441802677a12f17dfffa2a8a313e92bb46b2d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5189
Last-Modified
Thu, 11 May 2023 20:21:05 GMT
Server
cloudflare
ETag
"645d4e31-1445"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgCzQG9c0lXOH3SyzpOi%2BpeCSerGB8hbYpZsYxt0d50pOyfsrIliEiT6YF1hVnFKWv0%2BtYREjJaITbBd0O3%2Bw73mB705BovE%2FVrOFqlpc4FKVnAF5aoq7Bcn4ksezB4W9C8UafLbnmWHzGUIKlHb"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234cc9e85c98-FRA
Expires
Fri, 10 May 2024 20:23:07 GMT
69b74cc1_photo0_190.jpg
ultrasurfing.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/69b74cc1_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f4068707ae8a4ea8d64c8e4e27e1c1047c9f497e98df216d84b39aa5d87ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
8439
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7739
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 18:00:06 GMT
Server
cloudflare
ETag
"645d2d26-1e3b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz5QH28BVi4NOjt3vhuYl8vfuawmdQ2RgaZp2%2FEq8Ju2aOUykEVXWWbIfkhzU9UaV2%2BGGq%2BiRxNopZctFeouBDeOl%2F96ErpiY7ax%2FJvDWFo7WiLd0g1lZUlbmLn3djVOkJjGu4b9JO047ykr%2BOtV"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234ccbd4199e-FRA
Expires
Fri, 10 May 2024 18:02:29 GMT
75a5acb2_photo0_190.jpg
ultrasurfing.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/75a5acb2_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ad649aa54da9be1d6a397bcef06b6424a2798a6fceb44d3421aec357ac9d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6788
Last-Modified
Thu, 11 May 2023 20:21:01 GMT
Server
cloudflare
ETag
"645d4e2d-1a84"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEHfyxiYT%2FIz167592%2B6QKi4rdvSTLjZ2D7sM5%2B0IJswbjS5lDS45bVROIP5TCst5P4rrUvEf%2FW6da90cSyXMUkCVd2WwXvzXVHlHvwjwxdJSUWqmx%2FfQq6b1i7os0wMdVtWToYoDb9UHt4jKZFK"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234ccb5e1a6d-FRA
Expires
Fri, 10 May 2024 20:23:07 GMT
8452fe32_photo0_190.jpg
ultrasurfing.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/8452fe32_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbc6426b069330c054993f1c434f91e2bf464ad386236d1b557483d7baa4dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
10187
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5803
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 17:33:03 GMT
Server
cloudflare
ETag
"645d26cf-16ab"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu4WKcgAvOLLLw2Xq%2B4o8qO1et%2FiBFssySExCuuBnn3QW%2FrfbT5yPNlmzbJkNIEj0H5El7Uop2Mph2Vp%2FA4pKQOoXN0lOjBBm34ctReSw0wXZ2B394RsK798dI4ZRIgmlgjIo9wCYu0jUSd8JcSq"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234ce99e3621-FRA
Expires
Fri, 10 May 2024 17:33:21 GMT
4c6cd62b_photo0_190.jpg
ultrasurfing.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/4c6cd62b_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357d451ba51323303d179a2abecbd9a78cce9a6458d7a604007a180d92ca72e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
8439
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7759
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 18:00:01 GMT
Server
cloudflare
ETag
"645d2d21-1e4f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HA1uZRHN%2Fr5YY2yLGaDa4agOA3HCT58SLeLOccpPUrx9ht7oBAgqP%2BhX6uzdNbA0BAv41BZb5Pp4bar7s3XaXjRuhNkSZiZILOmJ8RgmrqXR%2FDcjDxUpzmkyiFqJ488CZgisrg8SRyNNLrdmk5se"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234cebf5199e-FRA
Expires
Fri, 10 May 2024 18:02:29 GMT
8b90c9ee_photo0_190.jpg
ultrasurfing.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/8b90c9ee_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850db36fa7d3391441934a0dd53fd23565b6aa473490306851ff7c8a7ee45cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
279
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4689
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 20:18:04 GMT
Server
cloudflare
ETag
"645d4d7c-1251"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BH9fuwtQvuJhRKdq0%2FR73r6K4C2Qooq5TMqkjrWL9gznRIA3nZAeLNx36WJ31E0MWGl4RX3O0ebIQszL2r%2F2tdruA5v%2BNcWb0EUsRliC8W%2FJS4MCJNS5aIO%2BsT0f80WJI3qD90HgbPMGfjEkx6z"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234cf9b53621-FRA
Expires
Fri, 10 May 2024 20:18:28 GMT
8f4c260a_photo0_190.jpg
ultrasurfing.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/8f4c260a_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44d59b6d0e3be9260bffad9b7dc048a60ca8fc93f82e05e49b0a465c45fe579

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4120
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4235
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:12:02 GMT
Server
cloudflare
ETag
"645d3e02-108b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEUYS7B%2BAKkankY25wsZk%2BAEbz5CrWQsu97rxNxYie5sTnZtHPT7LeHoH2QnvUIve3URLxtIPSIpoCxaMVmeYG3rMHG6NrzZNiC6EaotHmUgns8ruKRy%2Fwb0chIxyz1UvqpnYGoupGRUh8U4Wnuo"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234d0c0d199e-FRA
Expires
Fri, 10 May 2024 19:14:28 GMT
503c428_photo0_190.jpg
ultrasurfing.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/images/503c428_photo0_190.jpg
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd4968084c794b22b923d972baa11298e5a6a7bb2289613bc3e70bb6e6076e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4109
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4391
Cf-Bgj
h2pri
Last-Modified
Thu, 11 May 2023 19:12:03 GMT
Server
cloudflare
ETag
"645d3e03-1127"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akZvhMk0N2GgW3dGKqIpfkOAWH0jgUV7PHYgOmV%2BpscgNSH2oo%2BQCi%2BXT76iXMxonPu3D3%2BOGXcKuiG2U37zR81wyHMOU%2Ft1IMzEYD6GaXNptifh%2FPJOGFVIUTHFI9M9xBN5Pcygp3tuMgMAxEa8"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234d19da3621-FRA
Expires
Fri, 10 May 2024 19:14:39 GMT
rocket-loader.min.js
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 28 Apr 2023 14:11:40 GMT
Server
cloudflare
ETag
W/"644bd41c-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnJUqC4Xw8Eu4uqd7STcMhxNtw7d0jUVPm60lkCqCVtxD0hzZbftv2%2FI2BRv9BDt6GvyT85mg%2Fuhcl1g%2B0L94fj5ZYmTOLZVrjRXyFCVrqseT5LXtHNqZjueHVn0cBLV%2Bj22jjGmACm1dwY7S23w"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
7c5d234d1c24199e-FRA
Expires
Sat, 13 May 2023 20:23:07 GMT
aaw.ultrasurfing.js
increaserev.com/ads/ob/tage/ 		577 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:4a72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984974b85250965fb864f580aee7f46131ea97e843e21b58289513e33685c31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3653
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 May 2023 19:07:11 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLXSNUYuC%2BfZ6wBxgGiCEjguXblZCci1ABh4dHyrcjpxyOYYvIpbNRuab0j1Ht7mDOI38VTB52qrExG%2F1AWW3qbi4m3hCV7zTBIlnB3Wm8pTwt3d6SJ4ZTW0KmJmp2KYepto1sJu65yOAjXXnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
7c5d234ef9063a9d-FRA
access-control-allow-headers
origin, x-requested-with, content-type
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa412469011478080aca85e4ecf4d70089b494625739eabaf41c92886372811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80074
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 20:23:07 GMT
bg_header.png
ultrasurfing.com/img/ 		230 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/img/bg_header.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
835805
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
230
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-e6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D%2BZaOdPyT17Bhesh07FfnbjnmokMrhEtxaFZq1KOFEEwOpBiVgJGGnqQpkYBp8PhESY1iITzUt84qXhAEx6G%2BNlvUHc9D7eLsvm4OLWNgNzKoSc%2BlaOtMjHDbORIad936fN0Sjkp8b3K0d6ACkZ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d23501d8e5c98-FRA
Expires
Wed, 01 May 2024 04:13:10 GMT
logo-new.png
ultrasurfing.com/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/img/logo-new.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
8610056
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7316
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-1c94"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXG0bXzxP%2FDzsKvwvg0zde9P18dYCOcTQLHmkk92rk%2B%2BpVLi3Qpuyx5aEJvoisDHTxD9ePxEB4y0bj2EjUfwi7s5M7k4f6M%2B7RKI2LTovnUXXT7SZUZI8SQqejjhlpbvCKH0lSlcyuUQHJnInkKZ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234ece0d1a6d-FRA
Expires
Thu, 01 Feb 2024 04:42:11 GMT
bg_nav.png
ultrasurfing.com/img/ 		175 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ultrasurfing.com/img/bg_nav.png
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style1.css
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:c516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/css/style1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
8610056
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
175
Last-Modified
Thu, 29 Oct 2020 06:32:21 GMT
Server
cloudflare
ETag
"5f9a61f5-af"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuepLi%2BWmuZ9u6PdbbzYoMWKjgJ7uvNvbMuDMxfacKzaiLt7tkrqHV8ybfSHXyunASzeajKIkmXccvQjVom3bc1Qrq8eNk9i8aZNPG3qyHWc7ltAnDOaaQ362yTSGOrQOASDK5VpJ6eghX1Cijft"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
CF-RAY
7c5d234eca9f3a97-FRA
Expires
Thu, 01 Feb 2024 04:42:11 GMT
loader.js
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 		399 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a7e5214c17066ad2278d15b001d21f2343958a2792f20dd882d87bcec0404ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hXeeEEgi0x.A0gvPV98e6VW9m.robHmj
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 11 May 2023 20:23:07 GMT
x-amz-request-id
1AHQVXQ9Z2MHANRW
Age
111
x-amz-server-side-encryption
AES256
X-Cache
HIT
x-amz-replication-status
FAILED
Connection
keep-alive
Content-Length
46912
x-amz-id-2
LsxOsHddHI2k9LSNmrkz0+SsVuHQ7GVQR4GNq7rnkN4eV4L4kRg7Tg8/f1ZjqcZrizFviR1Q//8=
X-Served-By
cache-fra-eddf8230042-FRA
Last-Modified
Thu, 11 May 2023 09:17:47 GMT
Server
AmazonS3
X-Timer
S1683836588.569232,VS0,VE2
ETag
"26630f21b018a4b6bcd91a6d5a45e592"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
abp
37
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
X-Cache-Hits
1
gtm.js
www.googletagmanager.com/ 		213 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b38f2f3ca34bdb5806a224f34d34b4e279f259dae6ab9790ab6a503c3d95e7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70329
x-xss-protection
0
last-modified
Thu, 11 May 2023 19:49:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 20:23:07 GMT
/
cat.hbwrapper.com/ 		15 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://ultrasurfing.com
Date
Thu, 11 May 2023 20:23:07 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		318 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fecf15dff30a1084efe60c5b553e5becd24c6c78a4c5357f8e93c64c1e209ceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7c5d23508b8339c7-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f9a1d97afddcb1a4592c277961147c774e155e766685649e851529f7e685ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25272
x-xss-protection
0
server
cafe
etag
472 / 19488 / m202305080101 / config-hash: 8653395816841731476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:23:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:22:31 GMT
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
37
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
r-FBD0vz_vApeBv1PNea4tHvfUzgZTOPoNgnjCep80FzqWBTX2KNPQ==
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4YW22RJ0K&gtm=45je35a0&_p=1860238262&_gaz=1&cid=742740736.1683836588&ul=en-us&sr=1600x1200&_s=1&sid=1683836587&sct=1&seg=0&dl=http%3A%2F%2Fultrasurfing.com%2F&dt=ultrasurfing.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4YW22RJ0K&cid=742740736.1683836588&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4YW22RJ0K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
168a16148554d35e7064929d8c379afa5e4c9b4e92f6f510825a54b566af90f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62495
x-xss-protection
0
last-modified
Thu, 11 May 2023 19:49:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 May 2023 20:23:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/
Redirect Chain
  • http://c.amazon-adsystem.com/aax2/apstag.js
  • https://c.amazon-adsystem.com/aax2/apstag.js
230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:22:31 GMT
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
37
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
afUiD4IM_49o4V2XadntL6X1v6CLfDWoa4Aj5CyrEy0WaJadsNr4XQ==

Redirect headers

Date
Thu, 11 May 2023 20:23:07 GMT
Via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://c.amazon-adsystem.com/aax2/apstag.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
TJy5lvx6H3yrVq2DCBKpgbSq0GlUVsKW3QqPkwT2lOOx8-FNLoyXOA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
041fae49bdc332d692b89d7d8c708dfb28f175d10cddaf1959c1bb46ddd4d3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 May 2023 20:23:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
15740
x-jsd-version
1.0.1695
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
835
x-served-by
cache-fra-eddf8230104-FRA
x-jsd-version-type
version
etag
W/"633-FCRqVFGddBEX9jwRoP08YMQ1Zs4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4YW22RJ0K&cid=742740736.1683836588&gtm=45je35a0&aip=1&z=107283337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f
fid.agkn.com/ 		0
0
impl.20230509-15-RELEASE.js
cdn.taboola.com/libtrc/ 		764 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9c26422444f4909d9a1dea66c068c2fc828c865ce62ec917fa55e142b6fef8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
phACf4zEVgWuU4uHX7YPPmtz1ozYPcss
content-encoding
br
via
1.1 varnish
date
Thu, 11 May 2023 20:23:07 GMT
x-amz-request-id
6EA1A7PNAPBBX0SX
age
1990
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162589
x-amz-id-2
6bzTkINWSsU3zrq5twc4wtxJe5tHQrV0PuLnqaGzcd5dJ/hpU9Fl8EnxtVpoNT+0K+3lH3dp6L4=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 11:43:17 GMT
server
AmazonS3-br
x-timer
S1683836588.688179,VS0,VE0
etag
"efe10832919698d8fd2976348813687c"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1294
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 06:33:55 GMT
content-encoding
gzip
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
51554
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
p8rYrOvyWBRtWn2lW4BfYq-WZzIBczISapX6BKJm5vxYTG3wFeATCA==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 18 May 2023 20:23:07 GMT
adapex.js
c.neodatagroup.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.neodatagroup.com/adapex.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
c645b2297568c10fd6b2a345d2cda9abd7e1266845d2778be66216342cefabc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
Content-MD5
coEWV/XgLvSVadUuYlWzxg==
Age
2266
X-Cache
HIT
Content-Length
9988
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 04 May 2023 08:48:50 GMT
Server
ECAcc (ama/48BB)
Etag
"0x8DB4C7C61DE5253+gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
x-ms-request-id
3c5bb578-f01e-00ad-6d41-84e312000000
Cache-Control
max-age=7200
x-ms-version
2014-02-14
Expires
Thu, 11 May 2023 22:23:07 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://ultrasurfing.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 May 2023 20:23:07 GMT
gcid_s.min.js
p.gcprivacy.com/t/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
jt4ZnrYXxK0Tc9o56lUGTSds0r80tPTc
date
Thu, 11 May 2023 01:50:33 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 13:48:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
66755
x-amz-server-side-encryption
AES256
etag
"dac6676675972d00f4ec994de0578005"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9500
x-amz-cf-id
OAbJKuDPOmgNqNw2KU2-REUBeajQYTS5X2umYRVLQO83xmdtKsHmRg==
prebid
ib.adnxs.com/openrtb2/ 		49 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2d1d17fe14ba1bc027eb875d581a0a3998e4bcdceabead71bfc8ef386a1a7e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
x-openrtb-version
2.4
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7e0ed794-7ebe-42f0-8b10-5e6c57cc2c6f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.45.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
f3c364bc4bfcf521f0cf699982632ac7e217919db47d155013511245ea4adebb

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:07 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
157
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.45.0&p=%5B%7B%22placement_id%22%3A%222e682939-75f5-4e7c-8e24-d83c3f4761f2%22%2C%22callback_id%22%3A%22574bfa7eb1eb35%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%22f1c678bd-e071-41aa-85f5-49c7a51939d4%22%2C%22auctionId%22%3A%22bfbfd72b-f21d-4eea-9637-d83e5ff4ec01%22%7D%2C%7B%22placement_id%22%3A%22b66356ba-4042-4d47-9588-af374e3ef11d%22%2C%22callback_id%22%3A%22588230af262019f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%22f3b3e770-6f16-492e-bca4-5db6ad59ba48%22%2C%22auctionId%22%3A%22bfbfd72b-f21d-4eea-9637-d83e5ff4ec01%22%7D%2C%7B%22placement_id%22%3A%22e9e39a2d-d6d0-4cc6-99a6-ae4a7e87cf4a%22%2C%22callback_id%22%3A%2259ee0d224f8f2e3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%229faeb2a5-47f1-43b0-9d4a-a2222ab76b91%22%2C%22auctionId%22%3A%22bfbfd72b-f21d-4eea-9637-d83e5ff4ec01%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F&bust=1683836587759&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=5dace1aa-4b46-443a-90ac-9a06b95493e5&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225dace1aa-4b46-443a-90ac-9a06b95493e5%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.237.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-237-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
559abea84e10510fee39da592b4686fe92aa31d04d68956e06a51d135089b775

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		378 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c257582744201a571aeb4fdc4117135440b9f746a07d36703fa5ab0b6b36e21a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:07 GMT
AN-X-Request-Uuid
ab144ca9-2c43-410c-9855-c2e4b721d39c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
378
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.127.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-127-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
71fff2d9602fde57b90de5b35c6de7f90a62c343f9b9e088f2023f8adf7f1b6d

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=930331
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e11a0e7c48e032cb9aea262235c27384abe06ca17a38bbb5861e1d834ecb6c0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOJDg%2Biss6d7Ta%2BM54YCfcIXq5IxvjbyX1kLYoPMB%2FvXy3W6TgBtBW0qi1mov7xzlzk3ZdXqEAX67uG1kEeYtjAo650WI48qCv2JqZpegZXRM9OOO1AQAflhVuAG%2FHpZuavqVX%2B5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c5d2351be553668-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.45.0&referrer=http%3A%2F%2Fultrasurfing.com%2F&tmax=2000
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.183.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-183-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
accept-ch
user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc86365-06.cc.colocall.com
Software
Adtelligent /
Resource Hash
6579251e7866b2d2b50d446cc1d0f5a0879586ccabae2f85f71fd2165efa958d

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 May 2023 20:23:08 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1340
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a44b6c26a26a682f018b31a4858383bb81a9ed1788c0cfacde31b03bfe75436

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 11 May 2023 20:23:07 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		431 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=5dace1aa-4b46-443a-90ac-9a06b95493e5%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.45.0&x_source.tid=f1c678bd-e071-41aa-85f5-49c7a51939d4&l_pb_bid_id=10882628e5916ab4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f1c678bd-e071-41aa-85f5-49c7a51939d4&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.33303160880654037
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3d705bc546b53d44586a86da22b7321799913d9118a612f78809ae56afdadeeb

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
431
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		429 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=5dace1aa-4b46-443a-90ac-9a06b95493e5%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.45.0&x_source.tid=f3b3e770-6f16-492e-bca4-5db6ad59ba48&l_pb_bid_id=109cf6fa7e69e2e9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f3b3e770-6f16-492e-bca4-5db6ad59ba48&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.5839181808462324
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6d03f5ede931c6b90381663cdbb99032d90ea9bc5b9d57289ea4052dfc8b8f0b

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
429
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		427 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=5dace1aa-4b46-443a-90ac-9a06b95493e5%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.45.0&x_source.tid=9faeb2a5-47f1-43b0-9d4a-a2222ab76b91&l_pb_bid_id=11098c8bbab8b694&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9faeb2a5-47f1-43b0-9d4a-a2222ab76b91&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.5377148732621384
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c080dade3f6a7111ce8d12efc6238490c38bc7121759621a3009da8489d4dba

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
427
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
rt.marphezis.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:07 GMT
access-control-allow-credentials
true
vary
Origin
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:55:23 GMT
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
1664
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2326
x-amz-cf-id
_iMFblhbeDdc6D2U-HYpj2sXADNSiHwTj_zTRdmtN4mslPQPAvS_tg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=Dy36RCn2Zw3vu&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%222e682939-75f5-4e7c-8e24-d83c3f4761f2%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%22b66356ba-4042-4d47-9588-af374e3ef11d%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%22e9e39a2d-d6d0-4cc6-99a6-ae4a7e87cf4a%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
JB46APW6YCT0KDX5A19C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6dx-lMiU-Zu8je3NdtoqlcjhdslasrArrVwGxWb0pu6urwEeIK1NMg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		0
0
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683836587846&ns_c=UTF-8&c3=1&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
tfLv-2xmrwcnjvMrOjMbTMG5BA7kcz9yR_WQgD_g51_ookKuhTXyLA==
x-cache
Miss from cloudfront
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
4062
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127538
x-xss-protection
0
server
cafe
etag
14255841817258122496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 May 2024 19:15:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4faef730c9d6bb084fe665e9e5db4e9ac041a82c48043979978df34b82215e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
655
x-xss-protection
0
expires
Thu, 11 May 2023 20:23:07 GMT
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
  • https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Protocol
H2
Server
2600:9000:223c:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:27:41 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
xYg_rNCBXpMHOvmTunUQMpXnGcJDWaFV7S04i7jpeTo6OXYsYmG7ig==

Redirect headers

Date
Thu, 11 May 2023 20:23:07 GMT
Via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
taZXmOpHYIox5GRdjYrOQGhJdTER6TM7Yl7It2yW9kbI4QPegTlrBA==
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
46 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Protocol
H2
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
365544
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control
no-cache
content-length
0
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 		84 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=20%3A23%3A07.882&lti=deflated&data=%7B%22id%22%3A776%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1683796663655%2C%22vi%22%3A1683836587878%2C%22cv%22%3A%2220230509-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1485%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A105%2C%22mw%22%3A950%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1386.90625%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A120%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5fb32d1245f0c055136ff16fc4ceef07eb91022df8c7b08bc006452f5f903bd0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
311
date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1683836588.893756,VS0,VE311
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 19:40:17 GMT
Server
Apache
ETag
"d734-5f2f3919e751f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17407
Expires
Thu, 11 May 2023 20:38:07 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 22:42:19 GMT
content-encoding
gzip
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:13:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
78049
etag
W/"dc01f342ec44b3f8f5767d7b93fe1ac8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
JgtQ_IlmYcAKXzLjAu0FQE_xsgIJa9hBpI4wPSUc0uhWhZUBUinqgw==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
GQKW019N2965JHHN
age
3286
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7c5d2352fc0bbbb5-FRA
x-amz-id-2
b3ImfROkoqdV2lCnw3i6gNRD4ccoWO5L6+cnXG0GCJu8OaLzXK86GTcCYLFGTN8jEIpiS9EMtVw=
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QQHBKKDC4K9EXW7F
age
2566
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c5d23534d319bb0-FRA
x-amz-id-2
4mcYKQ5Hb3U2OaIpwisHn+DXiPFTI0FN2tidCE6GVNrf0qEvGkxvwQERDCwB3ajVcoF/DwRqbqs=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.157.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-157-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:23:08 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ps-topics.html
c.neodatagroup.com/ Frame 1D6E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.neodatagroup.com/ps-topics.html?sid=2033
Requested by
Host: c.neodatagroup.com
URL: http://c.neodatagroup.com/adapex.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488C) /
Resource Hash
3857634543824c46b5f1f435e9375e75e0ad96b16d9bf4525e54f0f14bfb25e8

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5383
cache-control
max-age=7200
content-encoding
gzip
content-length
918
content-md5
8KzndH43fcLeRwVWvG3dqA==
content-type
text/html
date
Thu, 11 May 2023 20:23:08 GMT
etag
"0x8DB47F72DB48BAD+gzip"
expires
Thu, 11 May 2023 22:23:08 GMT
last-modified
Fri, 28 Apr 2023 14:45:15 GMT
server
ECAcc (ama/488C)
vary
Accept-Encoding
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
0973f636-d01e-00c8-4239-844d56000000
x-ms-version
2014-02-14
sync
p2.gcprivacy.com/v2/ 		155 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=5dace1aa-4b46-443a-90ac-9a06b95493e5&u=http%3A%2F%2Fultrasurfing.com%2F&h=ultrasurfing.com&ref=
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.180.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-180-138.compute-1.amazonaws.com
Software
/
Resource Hash
272e40d3053403d04c05acacecd7fada716d4bd07397f5c53accbd8f6b987588

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
155
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.157.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-157-234.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 11 May 2023 20:23:08 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.23.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-23-9.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f67b6499d74ce3ce5dfe68042e58ef1fd0b2b69c8f56957b9eabcdc4d9f7ba90

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.18.150
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7c5d2353993491cf-FRA
content-length
0
content-type
application/json
date
Thu, 11 May 2023 20:23:08 GMT
debug
OPTIONS block
expires
Fri, 10 May 2024 20:23:08 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		101 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3b8b373035174d6b983146e654d9a55a5607568032335bf109eb0db2344c71

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7c5d235449c091cf-FRA
pixel;r=1296566596;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-1875324410-1683836587862;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1296566596;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=http%3A%2F%2Fultrasurfing.com%2F;uht=2;fpan=1;fpa=P0-1875324410-1683836587862;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=ultrasurfing.com;dst=0;et=1683836588105;tzo=0;ogl=image.http%3A%2F%2Fultrasurfing%252Ecom%2F%2Fimages%2F12c7b5f2_photo0_610%252Ejpg%2Curl.https%3A%2F%2Fultrasurfing%252Ecom%2F;ses=f7a4b698-73a8-4a6f-b16a-f1d9649074fd;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
25e86564f8c988311240600e78167d9f3e81f7e66b3fd29d22943952772210ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
floating-unit.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d58b29ffaca204de2d5e1e4e12ebe5dcb7d85ba97268e86470798d2da291481

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
aux8avJAleVGlF4LzHJ7fmFFAWMcXDt4
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
SN60813X3X10PSQ8
age
40116
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
gSA8BxFYLweVlG5S+aYvr3LvW+mATK9ywcatY9Z++nQmyoRvve1kT1vA3YhqnG5Is9mxM9/xmHE=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:33 GMT
server
AmazonS3
x-timer
S1683836588.229818,VS0,VE0
etag
"269781bea754f87ed30cebdc501a0537"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2085
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.1/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:08 GMT
Via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
213377
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront, HIT
Connection
keep-alive
Content-Length
31023
X-Served-By
cache-fra-eddf8230133-FRA
Last-Modified
Tue, 09 May 2023 09:06:26 GMT
Server
AmazonS3
X-Timer
S1683836588.243865,VS0,VE0
ETag
"f42b894e197d2128ee7d3b438e0ac56d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
X-Cache-Hits
22002
feed-card-placeholder.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0a8ab249355bdff84d2b0e7643c3d39ed25327d8bad19d6e28b8b28754c5f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
4zQej01Ka84LUuaeGJVkkHQFiggVK9Ab
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
BSSMH81ZZDFDKC7V
age
40120
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
PMsic7NC0buC/5UYK2uejjXPLz313uY4VeYBPyS/Urf4naGAzqBDy7M22Ak3hxhKmNbmYZSIBBY=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:28 GMT
server
AmazonS3
x-timer
S1683836588.233200,VS0,VE0
etag
"5ef5c601633c0178274a6ad7fc9096ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23053
cta-component.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a573d67271700ec3fb1825170fdba883d0caf2a32f5c4aabccc12ea37dcc08e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
uPJMICq83fwOnp4BNeclsZ_xWU0YryPY
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
0VH730CWR7T3KW1J
age
40127
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4739
x-amz-id-2
QfFuRGJ9cPOXq3gDwYQv9QIKwBShC3oSTGH9hAUfoM7eumixBTi8bdnlMbqhp2tbhg+RiAZ5LVI=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:21 GMT
server
AmazonS3
x-timer
S1683836588.251264,VS0,VE0
etag
"6a8c529020b41a08ada3f5d5705a61e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
21919
userx.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67b8c17b3c24a3061095d1478d3719f933c99faec550958e80db1b59c8318e13

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
BgPUWl.hH8pvbzAIC9zryCQtBe3vh3EA
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
SBJ6E6WYKF4JP71G
age
40093
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
2tP4RtnW6GIpBFpsT5EZvziKMfwSe0izG7qDLATZKdmRPn40xZ2nXryCSjWkOCmMx/dRUZEbv24=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:56 GMT
server
AmazonS3
x-timer
S1683836588.253006,VS0,VE0
etag
"4eb43a9bb8806de58a74bb8f9fdd68a1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5324
distance-from-article.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6e2e3a5ebde222062f455c1adc8c3a18f93746015048fb9cca6fb69f58fee98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
C.YqZrU3ZRhJGon2bFlxAB2iU.0sEf8E
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
7K765GQHPNSDJKEN
age
40125
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1136
x-amz-id-2
wmmbSVb/zMY4H0bizW177K49Ba85/yD7yxcQgccQIil2v/poD004ZXZaB0ldOwlT2Du9FGg09xY=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:23 GMT
server
AmazonS3
x-timer
S1683836588.255737,VS0,VE0
etag
"cce3ec2824d8f1b5b1d536c18680c657"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25521
article-detection.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b532d2ce382b585afd8dcb5ebee9658b00bdf5a666198ce2f6ec2dbc1d4da73c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yrBKKJfiEFF01zLzGxcZHOE6_YXoRdWB
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
4EBJW5SX18TDV0WX
age
40132
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1237
x-amz-id-2
zPz/c4+1QGRLJOyYgCrRH7u6r7gY1F78QadgUXoMreonT2c67/xGoPoYOOOLtXKxuH3qDHozYJ8=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:16 GMT
server
AmazonS3
x-timer
S1683836588.255672,VS0,VE0
etag
"9f0896b6a05a05b3593adc36d2fd2e64"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
32767
share-buttons-detection.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/share-buttons-detection.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
543969c810bc5a87f0701133e8a03ba5daf57e2a0b705283ed66e3485ab86d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
TzBKIcAteV7LXpJFBRiTbiJlpF3kvCGL
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
8S2M15G57P10YC7P
age
40106
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
680
x-amz-id-2
mGpXMk/e7tahHh78pxivGIDWFs0XXqrakxCEczQnLE9dMDQ4Ioopj6VDWxlQEdti8Ogpet6Be1c=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:41 GMT
server
AmazonS3
x-timer
S1683836588.255975,VS0,VE0
etag
"1f1dbc57ae7fe8efdb550e730753105c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
32664
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding
gzip
Via
1.1 varnish
Date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
TVRHNHYBPQ9HMG0X
Age
92
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1758
x-amz-id-2
uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
X-Served-By
cache-fra-eddf8230042-FRA
Last-Modified
Wed, 07 Feb 2018 11:15:52 GMT
Server
AmazonS3
X-Timer
S1683836588.262169,VS0,VE0
ETag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
abp
33
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Cache-Hits
137
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1683836588282%7D&tim=20%3A23%3A08.282&id=4111&llvl=2&ri=0d305fb94a8079a1d82ed3c8bb2e373e&sd=v2_c510ba25feea251c1bea9a79091071b2_4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b_1683836587_1683836587_CIi3jgYQ8-NDGOae7eOAMSABKAEwODib4wlAjooQSNSz2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b&pi=/&wi=-1709852854480885386&pt=home&vi=1683836587878&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
http://ultrasurfing.com
pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=20%3A23%3A08.218&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20%7C%20Card%204%20is%20missing%20from%20preloadRequest&llvl=2&id=2403&cv=20230509-15-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13208
supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=0d305fb94a8079a1d82ed3c8bb2e373e&sd=v2_c510ba25feea251c1bea9a79091071b2_4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b_1683836587_1683836587_CIi3jgYQ8-NDGOae7eOAMSABKAEwODib4wlAjooQSNSz2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b&pi=/&wi=-1709852854480885386&pt=home&vi=1683836587878&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=20%3A23%3A08.230&id=3374&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
v5
metrics.getrockerbox.com/track/ 		44 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=24810953&tier_three=3686759134&tier_four=ultrasurf-ultrasurf&tier_five=Desktop&auction_id=2023-05-11+20%3A23%3A08&referrer=ultrasurfing.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXXVUQgBdPlDsNsxmTYWEdHbowomvxPMlY1XAwET9xdMtOYzYLBWPBw9ztGi7ApuGxhDkOFmtUhkKVk%2FJFWv3%2BtXrNeDoLmI1pOfp%2By6VQkgVaV%2BFY7kslPu%2BtApYW2NkV%2FoqxlmNQQ5mrc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
7c5d23551f779962-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=0d305fb94a8079a1d82ed3c8bb2e373e&sd=v2_c510ba25feea251c1bea9a79091071b2_4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b_1683836587_1683836587_CIi3jgYQ8-NDGOae7eOAMSABKAEwODib4wlAjooQSNSz2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b&pi=/&wi=-1709852854480885386&pt=home&vi=1683836587878&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1683836588242%7D&tim=20%3A23%3A08.242&id=8152&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=20%3A23%3A08.276&type=info&msg=Load%20publisher%20card%3A%20split-1%20on%20Card%3A%205%20with%20the%20anchor%20element%20selector%3A%20.news-promos-sports%20succeed&llvl=2&id=3751&cv=20230509-15-RELEASE&lt=deflated&idx=pc&pc=split-1&st=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13078
json
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 		35 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=20%3A23%3A08.295&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A284%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_c510ba25feea251c1bea9a79091071b2_4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b_1683836587_1683836587_CIi3jgYQ8-NDGOae7eOAMSABKAEwODib4wlAjooQSNSz2QNQ____________AVgAYABo_5unsoL-6_KlAXAA%22%2C%22ui%22%3A%224d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b%22%2C%22uifp%22%3A%224d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b%22%2C%22lbt%22%3A1683796663655%2C%22vi%22%3A1683836587878%2C%22cv%22%3A%2220230509-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2844%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A806.96875%2C%22mw%22%3A610%2C%22fi%22%3A6%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10660336%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CAbove%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa7e91cb7e0bc474c6ce1630b32dfa85e1c3321ea9ed1965ed0c328766c09ba2

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
318
date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1683836588.295046,VS0,VE318
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v5
metrics.getrockerbox.com/track/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=24810953&tier_three=3686759126&tier_four=ultrasurf-ultrasurf&tier_five=Desktop&auction_id=2023-05-11+20%3A23%3A08&referrer=ultrasurfing.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVm1%2F6tsyiRI85rWWU4WqTuZ7n1OWJB7in2etpxfVcDG4ThUrpUJnFk%2FWOsTaWrWyGOL7QW%2B0Jgf4Cv3T17PTPC%2FquwjrY0%2BaWRll2L5LckA2W9TefJfxT8XgkaZ%2B2UDjBowuxOvNsq0ka4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
7c5d23551f799962-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7060b8e0422b22a68b0f99bc5348bc62.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9120c2c9935bd7e7660e87726263091f79226363a0a680b69ad297ec770da1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
age
2411652
edge-cache-tag
328122253815840334797971347784932071563,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
328122253815840334797971347784932071563,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/internationaler-fussball/2023/04/riesenwirbel-um-ronaldo-coach-bei-al-nassr-rauswurf-nach-kabinenzoff
content-length
12248
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000152-IAD, cache-iad-kiad7000137-IAD, cache-lga21982-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 14 Mar 2023 02:19:49 GMT
server
nginx
x-timer
S1683836588.334123,VS0,VE0
etag
"a0102710be639d9c34db4bb029876178"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 198, 4
44ae1dfb1846cb293b60bcfcb8af8146.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d1aecb40ee800f36b40c4d45e389a82e31e55f4498bde9150385d5e1a5aecb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
age
220406
edge-cache-tag
454935260536200774699196780106844800854,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
454935260536200774699196780106844800854,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
426
req-referer
https://www.fox10tv.com/2022/05/13/attorney-gulf-shores-man-indicted-with-former-clarke-sheriff-says-charges-based-technicalities/
content-length
15134
x-request-id
e949946f8df07b84e72d08a86d6cd9f5
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kcgs7200043-IAD, cache-lax10637-LGB, cache-iad-kcgs7200088-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 07:04:10 GMT
server
nginx
x-timer
S1683836588.334129,VS0,VE1
etag
"e8f66a3247ae9a83ceab2689284d572f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
c03c96c9b4de3555895fe3049b59e568.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1cc6f0e0f1e062b75078a577b806993504667e29f02a185b2ba377033e42e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
age
1326108
edge-cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sun, 21 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tennisnet.com/
content-length
21702
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kcgs7200115-IAD, cache-chi-klot8100031-CHI, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 20 Apr 2023 10:20:52 GMT
server
nginx
x-timer
S1683836588.334188,VS0,VE0
etag
"a5023ce1e0c6904084ddb4bbd995d09e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 698
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
3609074
edge-cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
188
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newschannel10.com/2022/12/02/claude-news-make-changes-due-astronomical-rise-price-newsprint/
content-length
24876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000174-IAD, cache-iad-kjyo7100087-IAD, cache-lax10625-LGB, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 23 Mar 2023 00:36:48 GMT
server
nginx
x-timer
S1683836588.349196,VS0,VE1
etag
"f5287609d11c2dc6fa654bfe36da9765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 193, 1
eb2ffb397b0bd743ce226736bb9e7cca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f8c411dab45a1d21a9be8ef9547ef104783c4a6697accc8e27e0bf9f7e42a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
age
18993
edge-cache-tag
364179135319093587135400934295135614576,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
364179135319093587135400934295135614576,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
139
req-referer
https://www.oe24.at/
content-length
68574
x-request-id
edb9d3c98a0a8f6f388df904a598787d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kcgs7200166-IAD, cache-lax10671-LGB, cache-iad-kcgs7200141-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 14:27:37 GMT
server
nginx
x-timer
S1683836588.349184,VS0,VE5
etag
"c01a5a0cc276822c84c6d4d714927717"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
29e06f45200475f370419d2a1812c022.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9035b6f95f2a98e4a8ea5ec0f069f3af2b74cdc47a8711d96244ab508cf6fec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
age
2471832
edge-cache-tag
443468220500487987050315380734658625068,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
443468220500487987050315380734658625068,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Sat, 13 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
13812
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kjyo7100021-IAD, cache-lax10632-LGB, cache-iad-kiad7000121-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 12 Apr 2023 13:24:30 GMT
server
nginx
x-timer
S1683836588.349160,VS0,VE1
etag
"1220c2b392ac937186863b7e7709b3b6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 409, 1
169c60131cf55dd7afdcef610c8f834a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07dbb70df2498ef8e6616bac53b1131a946add2ede96c63ef322ed5d9d8b124a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
age
201286
edge-cache-tag
303813542911419847738593013879637815375,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
303813542911419847738593013879637815375,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
687
req-referer
https://www.derwesten.de/
content-length
10284
x-request-id
0a054343202ae8f9d2915ee0f7049ef3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200099-IAD, cache-iad-kjyo7100128-IAD, cache-lax10668-LGB, cache-iad-kcgs7200041-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 11:37:24 GMT
server
nginx
x-timer
S1683836588.358800,VS0,VE2
etag
"cacf6e0d1f0d1b00a492a3a8d084acc6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
60ed8ba2150e2e9835f7bc956d825193.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
355479f062ab9279e50aeb1d4ceb164c7680c20174f4483ee03abe46dbc51c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
age
217725
edge-cache-tag
536750727950973524112366842041908945319,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
536750727950973524112366842041908945319,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
379
req-referer
https://www.suedkurier.de/
content-length
20190
x-request-id
35ac1329b908094a00125fe44a8e0aae
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100139-IAD, cache-lax10643-LGB, cache-iad-kjyo7100091-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 06:35:32 GMT
server
nginx
x-timer
S1683836588.359010,VS0,VE2
etag
"55a4faa63c4a09cce3a6d907674d3554"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
14997824ee9c228fcf600f34e4815d95.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8491414993b4cce1e868608a33c23adcf607afc2605962798599ef16a2ac6743

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
age
3148600
edge-cache-tag
477296991188113528751957790485925568264,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
477296991188113528751957790485925568264,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
115
expiration
expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://stage.wunderground.com/
content-length
12646
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200170-IAD, cache-chi-klot8100098-CHI, cache-iad-kcgs7200127-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 15 Mar 2023 09:06:34 GMT
server
nginx
x-timer
S1683836588.364770,VS0,VE1
etag
"a34f828b8df6ecaa308fcbfb00737364"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
87f57c351b3626ee96b86b923499a7ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54e78219ff5d7284ffd2fe85d01d22e151adb986c7fcff8a644eda5c3905b394

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
age
2440908
edge-cache-tag
529855673185721302426545584578276134058,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
529855673185721302426545584578276134058,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
102
expiration
expiry-date="Sat, 06 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.borba.info/
content-length
13866
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kiad7000154-IAD, cache-lga21947-LGA, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 05 Apr 2023 13:11:30 GMT
server
nginx
x-timer
S1683836588.370491,VS0,VE1
etag
"bd28cf1d03cf4a692c5abd60d3700dcb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 43, 1
d6fbf7f111fb4efa7552f3f4d34eda40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a5447352b7bf623a6f53e84a2559eac3ed5ac800f0299cdb75548c673770bf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
age
2077942
edge-cache-tag
573200521614995317052826837515243108417,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
573200521614995317052826837515243108417,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
428
req-referer
https://www.freenet.de/
content-length
11454
x-request-id
a1533428eeaa1149cd4d86470046a7a4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200146-IAD, cache-iad-kiad7000036-IAD, cache-lga21955-LGA, cache-iad-kiad7000063-IAD, cache-fra-eddf8230053-FRA
last-modified
Sun, 26 Mar 2023 15:58:07 GMT
server
nginx
x-timer
S1683836588.371473,VS0,VE1
etag
"36a598aac82ecac383c419d78146cc6a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
7060b8e0422b22a68b0f99bc5348bc62.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bad4fb9293d88230e4df0eed754178e507ae070c432899fd0eabc24af80bf349

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
age
1373936
edge-cache-tag
328122253815840334797971347784932071563,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
328122253815840334797971347784932071563,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
396
req-referer
https://trendscatchers.de/
content-length
21594
x-request-id
1ab5c5380d5a171d2222be12e71458ad
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100149-IAD, cache-iad-kcgs7200126-IAD, cache-lga21921-LGA, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Mar 2023 22:23:32 GMT
server
nginx
x-timer
S1683836588.373465,VS0,VE1
etag
"77d9e87b387cebe6273f9b2007e102cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 29, 1
hourlystat
tempnextstat.bcovery.com/ 		1 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempnextstat.bcovery.com/hourlystat
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
hourlystat
tempnextstat.bcovery.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tempnextstat.bcovery.com/hourlystat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.132.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.132.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 May 2023 20:23:08 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
f871c69637e7a0d4c4c868bb59e8caee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7d46b54c82c85171c060cd4a19826b54d3384a6701f3541a648402ce139accd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
age
2164376
edge-cache-tag
299063219034705275157455083017790677629,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
299063219034705275157455083017790677629,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
174
expiration
expiry-date="Sat, 29 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.goo.ne.jp/
content-length
16800
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kiad7000130-IAD, cache-lax10674-LGB, cache-iad-kiad7000160-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 29 Mar 2023 12:54:49 GMT
server
nginx
x-timer
S1683836588.378940,VS0,VE2
etag
"ade7352b14cfa5079b3e11305d327cc3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 20, 1
yyov6tbjxfeculpargee.mp4
cdn.taboola.com/libtrc/static/video/v1671632755/ 		965 KB
966 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1671632755/yyov6tbjxfeculpargee.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26067cc5f9ac046e1285b18861e2b564daea5eaf2d886533d7abdf4cda2d13f9

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
8ZbTriLs7t5zO1nCYTDgxrtjIcAr_qok
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
Y30ZSYMSNB3GFQR3
age
102
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-988629/988630
x-amz-replication-status
COMPLETED
Content-Length
988630
x-amz-id-2
oTgMDBJ3XDBKAjumtXg7lxpYLDv30AAKyS7JxbbaTqa5Rj4uom5zyfOstwA4Y7606Htm3Aniwpk=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Wed, 21 Dec 2022 14:26:04 GMT
server
AmazonS3
x-timer
S1683836588.380345,VS0,VE1
etag
"c869d258c796d71d59788837f2146399"
content-type
video/mp4;codecs=avc1
abp
18
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
bsns15g9iifsmmhtzxk2.mp4
cdn.taboola.com/libtrc/static/video/v1683615806/ 		199 KB
199 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1683615806/bsns15g9iifsmmhtzxk2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2bb510a8cd07d4caf12d0328b4ec6c144b27989b558754e2aa1c7b7713ac913

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
KsAq3fvgIAT7yyZdXmIlvFZ3TavJfVK0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
AFYCZJSWE7C8B49E
age
91
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-203833/203834
x-amz-replication-status
PENDING
Content-Length
203834
x-amz-id-2
sd0MFXBDY06rTobVoyGU+nWHbhyo8xv6uD4XiFwm+/bNgw8bumGF+sgE74mk1FjLY1xqkILXIoU=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 07:03:31 GMT
server
AmazonS3
x-timer
S1683836588.393310,VS0,VE1
etag
"0a198545fee20ca01d21b2a1ca36f085"
content-type
video/mp4;codecs=avc1
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
405
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222280782d5e33284340b9f3b6ad8281988eea0a2f1bc396fbd6f35286ca6626

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 20:18:09 GMT
server
cloudflare
age
299
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7c5d235748c72bbb-FRA
next-up-widget.20230509-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230509-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf2d6d1676ee3c177dbcdf3cde63d34682913661e73388cb408f1815a609c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
1sYJKeavTNSD4prusrqYPRnw61zsb1bF
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 May 2023 20:23:08 GMT
x-amz-request-id
BABZHN3N94P2BN27
age
40112
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4624
x-amz-id-2
41SaBlax89+MInGcHrP5fXVRa+GLzvCCLhp+bG7+iR3V2AT4Z1dP9X9qBCufSljzJ+QU4zPqnw0=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 09:14:36 GMT
server
AmazonS3
x-timer
S1683836588.423176,VS0,VE0
etag
"26165b168c609de3d9a9c178e816e75c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
70
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2039
chss1tlybwcxpst0xnvh.mp4
cdn.taboola.com/libtrc/static/video/v1670951879/ 		425 KB
426 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1670951879/chss1tlybwcxpst0xnvh.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18f8282c783de003b86b0d2589f4b950f7447f8797fa3b79a73f74d4b04e40a4

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Ww9M0M5v.Czbfobqa0CklMOlEQMPtW_g
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
X99AZ38TYGJ0X1EZ
age
8
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-435312/435313
x-amz-replication-status
COMPLETED
Content-Length
435313
x-amz-id-2
QKCYWpFGHgnKYP+8DfUWXNRZ/2VJILcFoA88mJIkBZpo0WohNqN9dd+W9spfAj1jsDogIlRJtBE=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Tue, 13 Dec 2022 17:18:05 GMT
server
AmazonS3
x-timer
S1683836588.438296,VS0,VE1
etag
"c99175c063df80af0611f7f197d48c6c"
content-type
video/mp4;codecs=avc1
abp
67
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
knt95pypdqutanj75nl6.mp4
cdn.taboola.com/libtrc/static/video/v1677508449/ 		524 KB
525 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1677508449/knt95pypdqutanj75nl6.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a0a18910f117e0d70cef28c6b8b19085eebe7604d0ad0bb03f9cfe8c61a155c

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
1S8xjQaKPEHXzmVpq5L9HnIzhuynIjCp
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
DM032HG2AGQSG8H6
age
45
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-536888/536889
x-amz-replication-status
COMPLETED
Content-Length
536889
x-amz-id-2
F/tEAI4Yg/OzGdjw71aHmauPgIWnuPyQPcAAh1gbdezzRMAJy6adHzubKeovI103U8b0UUBpSG4=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Feb 2023 14:34:14 GMT
server
AmazonS3
x-timer
S1683836588.442508,VS0,VE1
etag
"1f2c421f86e19fb3e3827dc698e9f438"
content-type
video/mp4;codecs=avc1
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
60ed8ba2150e2e9835f7bc956d825193.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
355479f062ab9279e50aeb1d4ceb164c7680c20174f4483ee03abe46dbc51c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
age
217725
edge-cache-tag
536750727950973524112366842041908945319,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
536750727950973524112366842041908945319,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
379
req-referer
https://www.suedkurier.de/
content-length
20190
x-request-id
35ac1329b908094a00125fe44a8e0aae
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100139-IAD, cache-lax10643-LGB, cache-iad-kjyo7100091-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 06:35:32 GMT
server
nginx
x-timer
S1683836588.477065,VS0,VE0
etag
"55a4faa63c4a09cce3a6d907674d3554"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
14997824ee9c228fcf600f34e4815d95.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8491414993b4cce1e868608a33c23adcf607afc2605962798599ef16a2ac6743

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
age
3148600
edge-cache-tag
477296991188113528751957790485925568264,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag
477296991188113528751957790485925568264,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
115
expiration
expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://stage.wunderground.com/
content-length
12646
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200170-IAD, cache-chi-klot8100098-CHI, cache-iad-kcgs7200127-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 15 Mar 2023 09:06:34 GMT
server
nginx
x-timer
S1683836588.476537,VS0,VE0
etag
"a34f828b8df6ecaa308fcbfb00737364"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
87f57c351b3626ee96b86b923499a7ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54e78219ff5d7284ffd2fe85d01d22e151adb986c7fcff8a644eda5c3905b394

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_317%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
age
2440908
edge-cache-tag
529855673185721302426545584578276134058,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
cache-tag
529855673185721302426545584578276134058,411771485431036370808625334511169846851,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
102
expiration
expiry-date="Sat, 06 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.borba.info/
content-length
13866
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kiad7000154-IAD, cache-lga21947-LGA, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 05 Apr 2023 13:11:30 GMT
server
nginx
x-timer
S1683836588.476087,VS0,VE0
etag
"bd28cf1d03cf4a692c5abd60d3700dcb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 43, 2
7060b8e0422b22a68b0f99bc5348bc62.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9120c2c9935bd7e7660e87726263091f79226363a0a680b69ad297ec770da1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
age
2411652
edge-cache-tag
328122253815840334797971347784932071563,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
328122253815840334797971347784932071563,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/internationaler-fussball/2023/04/riesenwirbel-um-ronaldo-coach-bei-al-nassr-rauswurf-nach-kabinenzoff
content-length
12248
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000152-IAD, cache-iad-kiad7000137-IAD, cache-lga21982-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 14 Mar 2023 02:19:49 GMT
server
nginx
x-timer
S1683836588.476141,VS0,VE0
etag
"a0102710be639d9c34db4bb029876178"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 198, 5
44ae1dfb1846cb293b60bcfcb8af8146.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d1aecb40ee800f36b40c4d45e389a82e31e55f4498bde9150385d5e1a5aecb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/44ae1dfb1846cb293b60bcfcb8af8146.png
age
220406
edge-cache-tag
454935260536200774699196780106844800854,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
454935260536200774699196780106844800854,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
426
req-referer
https://www.fox10tv.com/2022/05/13/attorney-gulf-shores-man-indicted-with-former-clarke-sheriff-says-charges-based-technicalities/
content-length
15134
x-request-id
e949946f8df07b84e72d08a86d6cd9f5
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kcgs7200043-IAD, cache-lax10637-LGB, cache-iad-kcgs7200088-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 07:04:10 GMT
server
nginx
x-timer
S1683836588.476556,VS0,VE0
etag
"e8f66a3247ae9a83ceab2689284d572f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
c03c96c9b4de3555895fe3049b59e568.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1cc6f0e0f1e062b75078a577b806993504667e29f02a185b2ba377033e42e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03c96c9b4de3555895fe3049b59e568.jpg
age
1326108
edge-cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
535709799901016576512726148132654816682,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sun, 21 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tennisnet.com/
content-length
21702
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kcgs7200115-IAD, cache-chi-klot8100031-CHI, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 20 Apr 2023 10:20:52 GMT
server
nginx
x-timer
S1683836588.476647,VS0,VE0
etag
"a5023ce1e0c6904084ddb4bbd995d09e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 699
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
3609074
edge-cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
188
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newschannel10.com/2022/12/02/claude-news-make-changes-due-astronomical-rise-price-newsprint/
content-length
24876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000174-IAD, cache-iad-kjyo7100087-IAD, cache-lax10625-LGB, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 23 Mar 2023 00:36:48 GMT
server
nginx
x-timer
S1683836589.511580,VS0,VE0
etag
"f5287609d11c2dc6fa654bfe36da9765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 193, 2
eb2ffb397b0bd743ce226736bb9e7cca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f8c411dab45a1d21a9be8ef9547ef104783c4a6697accc8e27e0bf9f7e42a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
age
18993
edge-cache-tag
364179135319093587135400934295135614576,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
364179135319093587135400934295135614576,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
139
req-referer
https://www.oe24.at/
content-length
68574
x-request-id
edb9d3c98a0a8f6f388df904a598787d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kcgs7200166-IAD, cache-lax10671-LGB, cache-iad-kcgs7200141-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 14:27:37 GMT
server
nginx
x-timer
S1683836589.512316,VS0,VE0
etag
"c01a5a0cc276822c84c6d4d714927717"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 2
29e06f45200475f370419d2a1812c022.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9035b6f95f2a98e4a8ea5ec0f069f3af2b74cdc47a8711d96244ab508cf6fec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
age
2471832
edge-cache-tag
443468220500487987050315380734658625068,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
443468220500487987050315380734658625068,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Sat, 13 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
13812
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kjyo7100021-IAD, cache-lax10632-LGB, cache-iad-kiad7000121-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 12 Apr 2023 13:24:30 GMT
server
nginx
x-timer
S1683836589.511792,VS0,VE0
etag
"1220c2b392ac937186863b7e7709b3b6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 409, 2
169c60131cf55dd7afdcef610c8f834a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07dbb70df2498ef8e6616bac53b1131a946add2ede96c63ef322ed5d9d8b124a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
age
201286
edge-cache-tag
303813542911419847738593013879637815375,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
303813542911419847738593013879637815375,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
687
req-referer
https://www.derwesten.de/
content-length
10284
x-request-id
0a054343202ae8f9d2915ee0f7049ef3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200099-IAD, cache-iad-kjyo7100128-IAD, cache-lax10668-LGB, cache-iad-kcgs7200041-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 11:37:24 GMT
server
nginx
x-timer
S1683836589.511780,VS0,VE0
etag
"cacf6e0d1f0d1b00a492a3a8d084acc6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
d6fbf7f111fb4efa7552f3f4d34eda40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a5447352b7bf623a6f53e84a2559eac3ed5ac800f0299cdb75548c673770bf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
age
2077942
edge-cache-tag
573200521614995317052826837515243108417,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
573200521614995317052826837515243108417,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
428
req-referer
https://www.freenet.de/
content-length
11454
x-request-id
a1533428eeaa1149cd4d86470046a7a4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200146-IAD, cache-iad-kiad7000036-IAD, cache-lga21955-LGA, cache-iad-kiad7000063-IAD, cache-fra-eddf8230053-FRA
last-modified
Sun, 26 Mar 2023 15:58:07 GMT
server
nginx
x-timer
S1683836588.475639,VS0,VE0
etag
"36a598aac82ecac383c419d78146cc6a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
7060b8e0422b22a68b0f99bc5348bc62.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bad4fb9293d88230e4df0eed754178e507ae070c432899fd0eabc24af80bf349

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
age
1373936
edge-cache-tag
328122253815840334797971347784932071563,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
328122253815840334797971347784932071563,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
396
req-referer
https://trendscatchers.de/
content-length
21594
x-request-id
1ab5c5380d5a171d2222be12e71458ad
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100149-IAD, cache-iad-kcgs7200126-IAD, cache-lga21921-LGA, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Mar 2023 22:23:32 GMT
server
nginx
x-timer
S1683836588.475621,VS0,VE0
etag
"77d9e87b387cebe6273f9b2007e102cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 29, 2
f871c69637e7a0d4c4c868bb59e8caee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7d46b54c82c85171c060cd4a19826b54d3384a6701f3541a648402ce139accd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
age
2164376
edge-cache-tag
299063219034705275157455083017790677629,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
299063219034705275157455083017790677629,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
174
expiration
expiry-date="Sat, 29 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.goo.ne.jp/
content-length
16800
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kiad7000130-IAD, cache-lax10674-LGB, cache-iad-kiad7000160-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 29 Mar 2023 12:54:49 GMT
server
nginx
x-timer
S1683836588.475635,VS0,VE0
etag
"ade7352b14cfa5079b3e11305d327cc3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 20, 2
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=0d305fb94a8079a1d82ed3c8bb2e373e&sd=v2_c510ba25feea251c1bea9a79091071b2_4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b_1683836587_1683836587_CIi3jgYQ8-NDGOae7eOAMSABKAEwODib4wlAjooQSNSz2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b&pi=/&wi=-1709852854480885386&pt=home&vi=1683836587878&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22296.96875%22%2C%22eventTime%22%3A1683836588486%7D&tim=20%3A23%3A08.487&id=5168&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
579.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
9b69b34fd0afb9b191092f39e3536a7918c68eb205824e4a0ccdab6d6daf175b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
60ed8ba2150e2e9835f7bc956d825193.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b1aa4f63a06fea235bb213c0d6c050969a5da7928b4daf6078531f6935f2541

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
age
217542
edge-cache-tag
536750727950973524112366842041908945319,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
536750727950973524112366842041908945319,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
299
req-referer
https://www.milenio.com/
content-length
7974
x-request-id
153b0d8be4fc52365ef962c7f8960852
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000035-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000026-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 06:35:32 GMT
server
nginx
x-timer
S1683836589.591172,VS0,VE1
etag
"8963c8fa54cba60b375ba81ab5c7c94c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
60ed8ba2150e2e9835f7bc956d825193.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b1aa4f63a06fea235bb213c0d6c050969a5da7928b4daf6078531f6935f2541

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
age
217542
edge-cache-tag
536750727950973524112366842041908945319,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
536750727950973524112366842041908945319,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
299
req-referer
https://www.milenio.com/
content-length
7974
x-request-id
153b0d8be4fc52365ef962c7f8960852
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000035-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000026-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 06:35:32 GMT
server
nginx
x-timer
S1683836589.640588,VS0,VE0
etag
"8963c8fa54cba60b375ba81ab5c7c94c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
v5
metrics.getrockerbox.com/track/ 		44 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=24810953&tier_three=3686759126&tier_four=ultrasurf-ultrasurf&tier_five=Desktop&auction_id=2023-05-11+20%3A23%3A08&referrer=ultrasurfing.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1vFrg6az%2FQnrwAf01tmi6xi6z4eH8o6o1sMMmPP0qs4GaZ%2BO1gCsUYa40DffYdTr%2B%2Bb%2BSDI%2BLP1nA9Gqo2zUCfB4SqvoOwBZNoIS5fxZoU%2FeMAWwl%2FkWF3xghKP7NLoN937kXQyMp%2FR82Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
7c5d235709d09962-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v5
metrics.getrockerbox.com/track/ 		44 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=24810953&tier_three=3686759134&tier_four=ultrasurf-ultrasurf&tier_five=Desktop&auction_id=2023-05-11+20%3A23%3A08&referrer=ultrasurfing.com&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.103.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE8e8nRIOKii2NAWV29wbJtEKZeVbXWYIN70jodWw19QMoA7%2F5KGDbjv0W1fqdO2QwJbb2Wce4PU%2BilO16YCB3HhmClsdfXtV38Byy1C9RNsQ9L9D1Lna5CTIOqu39ruDeaFQifnOx668go%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
7c5d23572b4b2ba8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
B29577490.362891373;dc_pre=CPH_742M7v4CFRqH_QcdayIJ1A;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CPH_742M7v4CFRqH_QcdayIJ1A;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CPH_742M7v4CFRqH_QcdayIJ1A;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B29577490.362891373;dc_pre=CPH_742M7v4CFRqH_QcdayIJ1A;dc_trk_aid=553660657;dc_trk_cid=183838214;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://ultrasurfing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 11 May 2023 20:23:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
297005
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.45.0
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
337872
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7c5d2357bd2891cf-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		121 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.73.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-73-107.compute-1.amazonaws.com
Software
/
Resource Hash
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
0
content-type
application/json
access-control-allow-origin
http://ultrasurfing.com
access-control-allow-credentials
true
trace-id
f2a9ee64d0f512fd
content-length
121
id
id.crwdcntrl.net/ 		43 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17228
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.163.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache
x-server
10.45.6.60
access-control-allow-credentials
true
content-length
43
expires
0
fpc
at.teads.tv/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:08 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:23:08 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		147 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=510136224565145&correlator=1200481453585949&eid=31072019%2C31074371%2C31074475%2C44777899%2C31061690&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=2080800890%2C288064886%2C2558321257&didk=170519367~1979917241~869191659&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dgeneralsearch.net%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D1174dd0e34fe3043%26hb_size%3D120x600%26hb_bidder%3Dappnexus%26hb_pb%3D0.23%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_adomain%3Dgeneralsearch.net%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D118e25b41fd13d92%26hb_size%3D970x90%26hb_bidder%3Dappnexus%26hb_pb%3D0.08%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_adomain%3Dgeneralsearch.net%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D119a1c2e01c922aa%26hb_size%3D120x600%26hb_bidder%3Dappnexus%26hb_pb%3D0.23%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D500%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26fabrickIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D1000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=0&cookie_enabled=1&abxe=1&dt=1683836588800&lmt=1683836588&dlt=1683836586998&idt=1057&adxs=325%2C436%2C975&adys=487%2C7469%2C487&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x7496%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=742740736.1683836588&ga_sid=1683836589&ga_hid=1860238262&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4d82ca5005a24b6c1c0bc02a543059a26371b5dd7a8912b3b3e1f2dfacc77dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21931
x-xss-protection
0
google-lineitem-id
5182049175,5182757492,5182049175
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138366628380,138366628377,138328068102
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ultrasurfing.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9eb678410089ec829489f54c6293ab987ed8af5765859c040728c0abb1a43d0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11311
x-xss-protection
0
container.html
1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:23:08 GMT
expires
Fri, 10 May 2024 20:23:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=6a1b54059651a7dbc940506612b35386&sd=v2_c510ba25feea251c1bea9a79091071b2_4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b_1683836587_1683836588_CIi3jgYQ8-NDGOae7eOAMSABKAEwODib4wlAjooQSNSz2QNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b&pi=/&wi=-1709852854480885386&pt=home&vi=1683836587878&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1683836588838%7D&tim=20%3A23%3A08.838&id=5998&llvl=2&cv=20230509-15-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 May 2023 20:23:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
60ed8ba2150e2e9835f7bc956d825193.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
908ff6d200b07e277f56620f4c88806309d169898d46390a6b89c43ae246a7e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
age
221423
edge-cache-tag
536750727950973524112366842041908945319,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
536750727950973524112366842041908945319,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.t-online.de/
content-length
34474
x-request-id
3365ae3671e2bc86867417f49bdb9604
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200091-IAD, cache-iad-kjyo7100069-IAD, cache-chi-klot8100020-CHI, cache-iad-kiad7000104-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 06:35:32 GMT
server
nginx
x-timer
S1683836589.865416,VS0,VE2
etag
"5a8f5862b629b42336497a9915126771"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 1
7060b8e0422b22a68b0f99bc5348bc62.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9120c2c9935bd7e7660e87726263091f79226363a0a680b69ad297ec770da1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7060b8e0422b22a68b0f99bc5348bc62.jpg
age
2411653
edge-cache-tag
328122253815840334797971347784932071563,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
328122253815840334797971347784932071563,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/news/internationaler-fussball/2023/04/riesenwirbel-um-ronaldo-coach-bei-al-nassr-rauswurf-nach-kabinenzoff
content-length
12248
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000152-IAD, cache-iad-kiad7000137-IAD, cache-lga21982-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 14 Mar 2023 02:19:49 GMT
server
nginx
x-timer
S1683836589.865754,VS0,VE0
etag
"a0102710be639d9c34db4bb029876178"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 198, 6
f871c69637e7a0d4c4c868bb59e8caee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
274f572aaf1453d313af892b1af4ce76b413ca833b6c3ec062923eb6e82db61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
age
2323816
edge-cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
13176
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100144-IAD, cache-iad-kiad7000066-IAD, cache-chi-kigq8000037-CHI, cache-iad-kiad7000139-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Mar 2023 14:37:49 GMT
server
nginx
x-timer
S1683836589.865750,VS0,VE1
etag
"5e2ca84a187ab116becf7ad083656d9f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 3, 1
14997824ee9c228fcf600f34e4815d95.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cbfb2cca3b041eb7e03f394f6cc31330aca39c8b24ecd7d4fc3525f5e35155b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
age
4893023
edge-cache-tag
477296991188113528751957790485925568264,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
477296991188113528751957790485925568264,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
157
expiration
expiry-date="Fri, 31 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://start.ultrasurfing.com/
content-length
23028
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100085-IAD, cache-iad-kiad7000051-IAD, cache-chi-kigq8000167-CHI, cache-iad-kcgs7200065-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 28 Feb 2023 12:49:16 GMT
server
nginx
x-timer
S1683836589.867931,VS0,VE5
etag
"212a40e78080d79fbeb56defbc2c5ca3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 11, 1
3fec8853f8bf921e46c7f88f78111e52.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fec8853f8bf921e46c7f88f78111e52.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ddd23d4a42475d4c887357e2083479935290080a7d04eedd2da40fbd06065101

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fec8853f8bf921e46c7f88f78111e52.jpg
age
2004561
edge-cache-tag
299988181134072640175433077091303579316,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
299988181134072640175433077091303579316,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
127
expiration
expiry-date="Sat, 29 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://spicytrends.com/
content-length
9052
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kiad7000123-IAD, cache-chi-klot8100102-CHI, cache-iad-kcgs7200119-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 29 Mar 2023 14:25:31 GMT
server
nginx
x-timer
S1683836589.869505,VS0,VE2
etag
"e87874357911e7e9aadccab501ea9a0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 29, 1
87f57c351b3626ee96b86b923499a7ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7abb9ca9a6f296824cbb079bfb9a72081895a394e29187fd87c6fab2dd9d1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
age
2619455
edge-cache-tag
529855673185721302426545584578276134058,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
529855673185721302426545584578276134058,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
216
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gedankenwelt.de/
content-length
19818
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kiad7000136-IAD, cache-lga21948-LGA, cache-iad-kjyo7100088-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Mar 2023 12:59:02 GMT
server
nginx
x-timer
S1683836589.869624,VS0,VE2
etag
"c70ef3353dd441435127ff73545c5849"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 7, 1
37715cba5c56cdcffdb8d8379e1e9d9e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37715cba5c56cdcffdb8d8379e1e9d9e.png
age
3609075
edge-cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
356663971345648207517802745915964355189,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
188
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newschannel10.com/2022/12/02/claude-news-make-changes-due-astronomical-rise-price-newsprint/
content-length
24876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000174-IAD, cache-iad-kjyo7100087-IAD, cache-lax10625-LGB, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 23 Mar 2023 00:36:48 GMT
server
nginx
x-timer
S1683836589.876895,VS0,VE0
etag
"f5287609d11c2dc6fa654bfe36da9765"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 193, 3
eb2ffb397b0bd743ce226736bb9e7cca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c98b72b404f1e6d52aa5104d51fad3f2578017b418cf86a98e1def8da7be16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
age
17770
edge-cache-tag
364179135319093587135400934295135614576,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
364179135319093587135400934295135614576,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
487
req-referer
https://de.webfail.com/
content-length
22222
x-request-id
96197731eb13e6c13cb9999b3906c326
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200072-IAD, cache-iad-kjyo7100054-IAD, cache-lax10642-LGB, cache-iad-kiad7000154-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 14:27:37 GMT
server
nginx
x-timer
S1683836589.877502,VS0,VE1
etag
"6fe5e00a281485175dd235577cb569fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
d6fbf7f111fb4efa7552f3f4d34eda40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12b6f03e5add0ddd865c8fbbcbfef58b7b389d6f6b3b2031b345c402f1492c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
age
2613047
edge-cache-tag
573200521614995317052826837515243108417,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
573200521614995317052826837515243108417,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
101
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport5.co.il/
content-length
25358
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kjyo7100132-IAD, cache-lax10669-LGB, cache-iad-kjyo7100115-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 14 Mar 2023 12:48:07 GMT
server
nginx
x-timer
S1683836589.877120,VS0,VE2
etag
"b67bd10ec905ac35c38e9884fe5abfc2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 39, 1
29e06f45200475f370419d2a1812c022.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b43d2d07c7292eb5b32b05cf2d73fcf8f3412d547b268eea358a4aa30ab3e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
age
2615465
edge-cache-tag
443468220500487987050315380734658625068,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
443468220500487987050315380734658625068,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
226
expiration
expiry-date="Fri, 12 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lecker.de/
content-length
40582
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000090-IAD, cache-iad-kiad7000085-IAD, cache-lga21939-LGA, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 11 Apr 2023 10:56:04 GMT
server
nginx
x-timer
S1683836589.880457,VS0,VE0
etag
"17eecabc7d82c994a8c2167429e4ef30"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 34, 2
169c60131cf55dd7afdcef610c8f834a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6d97558e6bb254641af2704f324d2f3cd497619e3695c1a1e77a406a0c33cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
age
201587
edge-cache-tag
303813542911419847738593013879637815375,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
303813542911419847738593013879637815375,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
589
req-referer
https://www.express.de/
content-length
23974
x-request-id
d3462bd86fa7b46abd04d7fadbe3ce75
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kcgs7200163-IAD, cache-lax10630-LGB, cache-iad-kiad7000119-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 11:37:24 GMT
server
nginx
x-timer
S1683836589.880865,VS0,VE2
etag
"b845979f2d66e04119b6db8742209564"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
61459c37a5780b1bb0f5147390499050.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82b4ac42d933ee78860ff7c601245dfd070baf2d5ce327ced0fede73a8c09136

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
age
2272755
edge-cache-tag
448172535434214216740621872852129660405,409912741995689740253102436896662173492,29ecf9b93bbf306179626feeda1fab70
cache-tag
448172535434214216740621872852129660405,409912741995689740253102436896662173492,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
150
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://apnews.com/
content-length
75460
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200028-IAD, cache-iad-kiad7000179-IAD, cache-lax10660-LGB, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 03 Apr 2023 02:44:55 GMT
server
nginx
x-timer
S1683836589.880775,VS0,VE2
etag
"bccf8d3601d8ff0a03e819a08fad6410"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 22, 1
329fe20a7d98125adf47f2eb5a640fe9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/329fe20a7d98125adf47f2eb5a640fe9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5457fd78471b76755f4db87382c2ee5c7ac1d68abad6c0c7104cfdf22b5af16f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/329fe20a7d98125adf47f2eb5a640fe9.png
age
277827
edge-cache-tag
397565755778938527100217506365948659042,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
397565755778938527100217506365948659042,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
115
req-referer
https://www.express.de/
content-length
60818
x-request-id
74e459a20eed5780ffc6cdeeb5fa9477
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200022-IAD, cache-iad-kjyo7100076-IAD, cache-lax10654-LGB, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 08 May 2023 14:19:55 GMT
server
nginx
x-timer
S1683836589.886771,VS0,VE0
etag
"52b9a76e991684b3bf6e1b3ff3462c0b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
st
imprammp.taboola.com/ Frame 27D7 		577 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683836588904&uv=3275&tms=1683836588904&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b90f49b-d964-4d3a-9a76-841ea07329ae&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
65d9212b443db11499e58dcc5a257201ed013c67d6ba3ca48ad719361852bb1d

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 May 2023 20:23:08 GMT
Server
nginx
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230020-FRA
X-Timer
S1683836589.917764,VS0,VE10
transfer-encoding
chunked
sync
am-match.taboola.com/ Frame 4C5E 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6f7b29d11ee17992cd88f5a58576578c886c929316fe2e6abaeae518943b2ef6

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 11 May 2023 20:23:08 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683836588913&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1518&pt=1580870882&tz=0&viewable=true&ddast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

X-Cache-Hits
0
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Encoding
gzip
Via
1.1 varnish
MachineId
1457
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-fra-eddf8230068-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1683836589.925797,VS0,VE83
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=31589837&cb=1683836588904&uv=3275&tms=1683836588904&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1683836586663.6!ts:1683836588904&mntl=1
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
knt95pypdqutanj75nl6.mp4
cdn.taboola.com/libtrc/static/video/v1677508449/ 		524 KB
525 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1677508449/knt95pypdqutanj75nl6.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a0a18910f117e0d70cef28c6b8b19085eebe7604d0ad0bb03f9cfe8c61a155c

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
1S8xjQaKPEHXzmVpq5L9HnIzhuynIjCp
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
DM032HG2AGQSG8H6
age
46
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-536888/536889
x-amz-replication-status
COMPLETED
Content-Length
536889
x-amz-id-2
F/tEAI4Yg/OzGdjw71aHmauPgIWnuPyQPcAAh1gbdezzRMAJy6adHzubKeovI103U8b0UUBpSG4=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Feb 2023 14:34:14 GMT
server
AmazonS3
x-timer
S1683836589.926714,VS0,VE1
etag
"1f2c421f86e19fb3e3827dc698e9f438"
content-type
video/mp4;codecs=avc1
abp
96
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
chss1tlybwcxpst0xnvh.mp4
cdn.taboola.com/libtrc/static/video/v1670951879/ 		425 KB
426 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1670951879/chss1tlybwcxpst0xnvh.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18f8282c783de003b86b0d2589f4b950f7447f8797fa3b79a73f74d4b04e40a4

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Ww9M0M5v.Czbfobqa0CklMOlEQMPtW_g
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
X99AZ38TYGJ0X1EZ
age
8
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-435312/435313
x-amz-replication-status
COMPLETED
Content-Length
435313
x-amz-id-2
QKCYWpFGHgnKYP+8DfUWXNRZ/2VJILcFoA88mJIkBZpo0WohNqN9dd+W9spfAj1jsDogIlRJtBE=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Tue, 13 Dec 2022 17:18:05 GMT
server
AmazonS3
x-timer
S1683836589.927959,VS0,VE2
etag
"c99175c063df80af0611f7f197d48c6c"
content-type
video/mp4;codecs=avc1
abp
43
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
yyov6tbjxfeculpargee.mp4
cdn.taboola.com/libtrc/static/video/v1671632755/ 		965 KB
966 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1671632755/yyov6tbjxfeculpargee.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26067cc5f9ac046e1285b18861e2b564daea5eaf2d886533d7abdf4cda2d13f9

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
8ZbTriLs7t5zO1nCYTDgxrtjIcAr_qok
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
Y30ZSYMSNB3GFQR3
age
102
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-988629/988630
x-amz-replication-status
COMPLETED
Content-Length
988630
x-amz-id-2
oTgMDBJ3XDBKAjumtXg7lxpYLDv30AAKyS7JxbbaTqa5Rj4uom5zyfOstwA4Y7606Htm3Aniwpk=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Wed, 21 Dec 2022 14:26:04 GMT
server
AmazonS3
x-timer
S1683836589.928129,VS0,VE2
etag
"c869d258c796d71d59788837f2146399"
content-type
video/mp4;codecs=avc1
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 May 2023 20:23:09 GMT
yyov6tbjxfeculpargee.mp4
cdn.taboola.com/libtrc/static/video/v1671632755/ 		965 KB
966 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1671632755/yyov6tbjxfeculpargee.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26067cc5f9ac046e1285b18861e2b564daea5eaf2d886533d7abdf4cda2d13f9

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
8ZbTriLs7t5zO1nCYTDgxrtjIcAr_qok
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
Y30ZSYMSNB3GFQR3
age
102
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-988629/988630
x-amz-replication-status
COMPLETED
Content-Length
988630
x-amz-id-2
oTgMDBJ3XDBKAjumtXg7lxpYLDv30AAKyS7JxbbaTqa5Rj4uom5zyfOstwA4Y7606Htm3Aniwpk=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Wed, 21 Dec 2022 14:26:04 GMT
server
AmazonS3
x-timer
S1683836589.978333,VS0,VE3
etag
"c869d258c796d71d59788837f2146399"
content-type
video/mp4;codecs=avc1
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
bsns15g9iifsmmhtzxk2.mp4
cdn.taboola.com/libtrc/static/video/v1683615806/ 		199 KB
200 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1683615806/bsns15g9iifsmmhtzxk2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2bb510a8cd07d4caf12d0328b4ec6c144b27989b558754e2aa1c7b7713ac913

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
KsAq3fvgIAT7yyZdXmIlvFZ3TavJfVK0
date
Thu, 11 May 2023 20:23:08 GMT
via
1.1 varnish
x-amz-request-id
AFYCZJSWE7C8B49E
age
92
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-203833/203834
x-amz-replication-status
PENDING
Content-Length
203834
x-amz-id-2
sd0MFXBDY06rTobVoyGU+nWHbhyo8xv6uD4XiFwm+/bNgw8bumGF+sgE74mk1FjLY1xqkILXIoU=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 07:03:31 GMT
server
AmazonS3
x-timer
S1683836589.978333,VS0,VE3
etag
"0a198545fee20ca01d21b2a1ca36f085"
content-type
video/mp4;codecs=avc1
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
60ed8ba2150e2e9835f7bc956d825193.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
908ff6d200b07e277f56620f4c88806309d169898d46390a6b89c43ae246a7e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60ed8ba2150e2e9835f7bc956d825193.jpg
age
221423
edge-cache-tag
536750727950973524112366842041908945319,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
536750727950973524112366842041908945319,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.t-online.de/
content-length
34474
x-request-id
3365ae3671e2bc86867417f49bdb9604
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200091-IAD, cache-iad-kjyo7100069-IAD, cache-chi-klot8100020-CHI, cache-iad-kiad7000104-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 06:35:32 GMT
server
nginx
x-timer
S1683836589.015694,VS0,VE0
etag
"5a8f5862b629b42336497a9915126771"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 2
f871c69637e7a0d4c4c868bb59e8caee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
274f572aaf1453d313af892b1af4ce76b413ca833b6c3ec062923eb6e82db61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871c69637e7a0d4c4c868bb59e8caee.jpg
age
2323816
edge-cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
299063219034705275157455083017790677629,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
13176
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100144-IAD, cache-iad-kiad7000066-IAD, cache-chi-kigq8000037-CHI, cache-iad-kiad7000139-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Mar 2023 14:37:49 GMT
server
nginx
x-timer
S1683836589.016562,VS0,VE0
etag
"5e2ca84a187ab116becf7ad083656d9f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 3, 2
generic
match.adsrvr.org/track/cmf/ Frame 4C5E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4C5E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e341:f6b2:dd43:a873 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 4C5E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.75.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-75-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 27D7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683836588904&uv=3275&tms=1683836588904&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b90f49b-d964-4d3a-9a76-841ea07329ae&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 27D7 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683836588904&uv=3275&tms=1683836588904&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b90f49b-d964-4d3a-9a76-841ea07329ae&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e341:f6b2:dd43:a873 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
fbe2c5fb0c0995bc67959399b97d39c4b31324e2254b842bcea7993ad40c3584
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_7_5/infra/ 		889 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d

Request headers

Referer
http://ultrasurfing.com/
Origin
http://ultrasurfing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683645077
Date
Thu, 11 May 2023 20:23:09 GMT
Via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
190948
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1683645078
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
200195
X-Served-By
cache-fra-eddf8230098-FRA
Last-Modified
Tue, 09 May 2023 15:11:19 GMT
Server
AmazonS3
X-Timer
S1683836589.116672,VS0,VE0
ETag
"f0c45468d729788adab04c7c774f6382"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
A_BYf7xjbn9f-7SxsofEkeCgC6eFyTt9MFkYiYmPSZWRa-Pu_76yxg==
X-Cache-Hits
2358
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_5/assets/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/vpaid/units/32_7_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683645113
Date
Thu, 11 May 2023 20:23:09 GMT
Via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
191435
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1683645114
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
9098
X-Served-By
cache-fra-eddf8230133-FRA
Last-Modified
Tue, 09 May 2023 15:11:55 GMT
Server
AmazonS3
X-Timer
S1683836589.111328,VS0,VE0
ETag
"61cb141147e307fd87ad58965536cba5"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
text/css
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
GCWOG94wCi8XX15_7jM_XXKXPkjrshNHFZgrjHY7UwtoBCxvdJuNPw==
X-Cache-Hits
29279
14997824ee9c228fcf600f34e4815d95.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cbfb2cca3b041eb7e03f394f6cc31330aca39c8b24ecd7d4fc3525f5e35155b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/14997824ee9c228fcf600f34e4815d95.jpg
age
4893023
edge-cache-tag
477296991188113528751957790485925568264,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
477296991188113528751957790485925568264,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
157
expiration
expiry-date="Fri, 31 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://start.ultrasurfing.com/
content-length
23028
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100085-IAD, cache-iad-kiad7000051-IAD, cache-chi-kigq8000167-CHI, cache-iad-kcgs7200065-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 28 Feb 2023 12:49:16 GMT
server
nginx
x-timer
S1683836589.111753,VS0,VE0
etag
"212a40e78080d79fbeb56defbc2c5ca3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 11, 2
3fec8853f8bf921e46c7f88f78111e52.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fec8853f8bf921e46c7f88f78111e52.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ddd23d4a42475d4c887357e2083479935290080a7d04eedd2da40fbd06065101

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fec8853f8bf921e46c7f88f78111e52.jpg
age
2004561
edge-cache-tag
299988181134072640175433077091303579316,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
299988181134072640175433077091303579316,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
127
expiration
expiry-date="Sat, 29 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://spicytrends.com/
content-length
9052
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kiad7000123-IAD, cache-chi-klot8100102-CHI, cache-iad-kcgs7200119-IAD, cache-fra-eddf8230053-FRA
last-modified
Wed, 29 Mar 2023 14:25:31 GMT
server
nginx
x-timer
S1683836589.117086,VS0,VE0
etag
"e87874357911e7e9aadccab501ea9a0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 29, 2
87f57c351b3626ee96b86b923499a7ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7abb9ca9a6f296824cbb079bfb9a72081895a394e29187fd87c6fab2dd9d1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
age
2619455
edge-cache-tag
529855673185721302426545584578276134058,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
529855673185721302426545584578276134058,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
216
expiration
expiry-date="Thu, 27 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gedankenwelt.de/
content-length
19818
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kiad7000136-IAD, cache-lga21948-LGA, cache-iad-kjyo7100088-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 27 Mar 2023 12:59:02 GMT
server
nginx
x-timer
S1683836589.117096,VS0,VE0
etag
"c70ef3353dd441435127ff73545c5849"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 7, 2
eb2ffb397b0bd743ce226736bb9e7cca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c98b72b404f1e6d52aa5104d51fad3f2578017b418cf86a98e1def8da7be16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb2ffb397b0bd743ce226736bb9e7cca.jpg
age
17770
edge-cache-tag
364179135319093587135400934295135614576,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
364179135319093587135400934295135614576,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
487
req-referer
https://de.webfail.com/
content-length
22222
x-request-id
96197731eb13e6c13cb9999b3906c326
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200072-IAD, cache-iad-kjyo7100054-IAD, cache-lax10642-LGB, cache-iad-kiad7000154-IAD, cache-fra-eddf8230053-FRA
last-modified
Thu, 11 May 2023 14:27:37 GMT
server
nginx
x-timer
S1683836589.117107,VS0,VE0
etag
"6fe5e00a281485175dd235577cb569fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
d6fbf7f111fb4efa7552f3f4d34eda40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12b6f03e5add0ddd865c8fbbcbfef58b7b389d6f6b3b2031b345c402f1492c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fbf7f111fb4efa7552f3f4d34eda40.jpg
age
2613047
edge-cache-tag
573200521614995317052826837515243108417,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
573200521614995317052826837515243108417,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
101
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport5.co.il/
content-length
25358
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kjyo7100132-IAD, cache-lax10669-LGB, cache-iad-kjyo7100115-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 14 Mar 2023 12:48:07 GMT
server
nginx
x-timer
S1683836589.118028,VS0,VE0
etag
"b67bd10ec905ac35c38e9884fe5abfc2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 39, 2
29e06f45200475f370419d2a1812c022.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b43d2d07c7292eb5b32b05cf2d73fcf8f3412d547b268eea358a4aa30ab3e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29e06f45200475f370419d2a1812c022.png
age
2615466
edge-cache-tag
443468220500487987050315380734658625068,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
443468220500487987050315380734658625068,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
226
expiration
expiry-date="Fri, 12 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lecker.de/
content-length
40582
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000090-IAD, cache-iad-kiad7000085-IAD, cache-lga21939-LGA, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 11 Apr 2023 10:56:04 GMT
server
nginx
x-timer
S1683836589.117996,VS0,VE0
etag
"17eecabc7d82c994a8c2167429e4ef30"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 34, 3
169c60131cf55dd7afdcef610c8f834a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6d97558e6bb254641af2704f324d2f3cd497619e3695c1a1e77a406a0c33cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/169c60131cf55dd7afdcef610c8f834a.jpg
age
201587
edge-cache-tag
303813542911419847738593013879637815375,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
303813542911419847738593013879637815375,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
589
req-referer
https://www.express.de/
content-length
23974
x-request-id
d3462bd86fa7b46abd04d7fadbe3ce75
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kcgs7200163-IAD, cache-lax10630-LGB, cache-iad-kiad7000119-IAD, cache-fra-eddf8230053-FRA
last-modified
Tue, 09 May 2023 11:37:24 GMT
server
nginx
x-timer
S1683836589.120382,VS0,VE0
etag
"b845979f2d66e04119b6db8742209564"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
61459c37a5780b1bb0f5147390499050.jpg
images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82b4ac42d933ee78860ff7c601245dfd070baf2d5ce327ced0fede73a8c09136

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_412,w_740,c_fill,g_xy_center,x_600,y_359/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61459c37a5780b1bb0f5147390499050.jpg
age
2272755
edge-cache-tag
448172535434214216740621872852129660405,409912741995689740253102436896662173492,29ecf9b93bbf306179626feeda1fab70
cache-tag
448172535434214216740621872852129660405,409912741995689740253102436896662173492,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
150
expiration
expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://apnews.com/
content-length
75460
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200028-IAD, cache-iad-kiad7000179-IAD, cache-lax10660-LGB, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 03 Apr 2023 02:44:55 GMT
server
nginx
x-timer
S1683836589.139215,VS0,VE0
etag
"bccf8d3601d8ff0a03e819a08fad6410"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 22, 2
329fe20a7d98125adf47f2eb5a640fe9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/329fe20a7d98125adf47f2eb5a640fe9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5457fd78471b76755f4db87382c2ee5c7ac1d68abad6c0c7104cfdf22b5af16f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/329fe20a7d98125adf47f2eb5a640fe9.png
age
277827
edge-cache-tag
397565755778938527100217506365948659042,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
397565755778938527100217506365948659042,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
115
req-referer
https://www.express.de/
content-length
60818
x-request-id
74e459a20eed5780ffc6cdeeb5fa9477
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200022-IAD, cache-iad-kjyo7100076-IAD, cache-lax10654-LGB, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 08 May 2023 14:19:55 GMT
server
nginx
x-timer
S1683836589.139332,VS0,VE0
etag
"52b9a76e991684b3bf6e1b3ff3462c0b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 3
pv
tra.neodatagroup.com/
Redirect Chain
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=532834265261&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@n...
  • https://tra.neodatagroup.com/pv?sid=2033&rnd=532834265261&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@n...
59 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.neodatagroup.com/pv?sid=2033&rnd=532834265261&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=5dace1aa-4b46-443a-90ac-9a06b95493e5;pubcid;PublisherCommonId&pbs=true&neoid=31018f6a942059f
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0599d4ae8285407f73456517de08f23eb35063a1fe01490eeb6ec2e0823cd700

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
59
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin
*
Location
/pv?sid=2033&rnd=532834265261&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=5dace1aa-4b46-443a-90ac-9a06b95493e5;pubcid;PublisherCommonId&pbs=true&neoid=31018f6a942059f
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
js
pixel.mathtag.com/sync/
Redirect Chain
  • http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261
Protocol
HTTP/1.1
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master zrh-pixel-x27 config_version:"unknown" /
Resource Hash
2c1e58df634cb70e1f4cd557dfe24b93d4f595c3ab30db077011b7e57f5957d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x27 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1566
Expires
Thu, 11 May 2023 20:23:08 GMT

Redirect headers

Date
Thu, 11 May 2023 20:23:09 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:23:08 GMT
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=532834265261
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=3595731012829818103&rt=img&rnd=532834265261
  • https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=3595731012829818103&rt=img&rnd=532834265261&neoid=31018f6a96005d9
1 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=3595731012829818103&rt=img&rnd=532834265261&neoid=31018f6a96005d9
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin
*
Location
/cm?sid=1&pv=APN&eid=3595731012829818103&rt=img&rnd=532834265261&neoid=31018f6a96005d9
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
cm
tracker.neodatagroup.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=532834265261
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=532834265261&google_gid=CAESEOWbr0r8Yz1I5ZyJg_AzdMg&google_cver=1
  • https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=532834265261&google_gid=CAESEOWbr0r8Yz1I5ZyJg_AzdMg&google_cver=1&neoid=31018f6a990059d
1 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=532834265261&google_gid=CAESEOWbr0r8Yz1I5ZyJg_AzdMg&google_cver=1&neoid=31018f6a990059d
Protocol
HTTP/1.1
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin
*
Location
/cm?pv=dbm&sid=1&rt=img&rnd=532834265261&google_gid=CAESEOWbr0r8Yz1I5ZyJg_AzdMg&google_cver=1&neoid=31018f6a990059d
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
text/richtext;charset=UTF-8
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cms
ups.analytics.yahoo.com/ups/58681/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=532834265261
  • https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=532834265261
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=532834265261
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=532834265261
content-type
text/html
cache-control
no-store
content-length
368
usync.html
eus.rubiconproject.com/ Frame 6C37 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1683836588904&uv=3275&tms=1683836588904&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b90f49b-d964-4d3a-9a76-841ea07329ae&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 May 2023 20:23:09 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
579.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
d7a7ada7a71cfb30753fc6b01acf34d453382c9f1aa6b2a415929cb261b80b03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ultrasurfing.com
date
Thu, 11 May 2023 20:23:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E93 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 18:21:53 GMT
expires
Fri, 10 May 2024 18:21:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D8BC 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
325c2e22bcef7a460e5af8c8ff3ef87bf532d16962dbab44f678611d9230958c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XxyQPpQzFDzeAQIf2SeRHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-XxyQPpQzFDzeAQIf2SeRHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:23:09 GMT
expires
Thu, 11 May 2023 20:23:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content_v3.js
vidstat.taboola.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
4013130
X-Cache
Hit from cloudfront, HIT
Connection
keep-alive
Content-Length
4839
X-Served-By
cache-fra-eddf8230133-FRA
Last-Modified
Wed, 20 Jul 2022 13:23:50 GMT
Server
AmazonS3
X-Timer
S1683836589.313543,VS0,VE0
ETag
"f7533e747bb02a8eb527ada4f2749620"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
X-Cache-Hits
53527
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/ 		436 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime
1683622864
Date
Thu, 11 May 2023 20:23:09 GMT
Via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
Age
213679
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1683622864
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
103956
X-Served-By
cache-fra-eddf8230133-FRA
Last-Modified
Tue, 09 May 2023 09:01:05 GMT
Server
AmazonS3
X-Timer
S1683836589.337333,VS0,VE0
ETag
"3277393b352241263c34b3d6dff9248e"
x-amz-meta-uid
0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
Content-Type
application/javascript
x-amz-meta-gid
0
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
KSlDPb9LS5gv2Dj-l8mnog6rrNL660JLsWnJ-1zwaBtlJYbVZMsTnA==
X-Cache-Hits
30791
sync
am-match.taboola.com/ Frame 9EA6 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
65d9212b443db11499e58dcc5a257201ed013c67d6ba3ca48ad719361852bb1d

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 11 May 2023 20:23:09 GMT
machineid
3401
server
nginx
st
am-vid-events.taboola.com/ 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&cmcv=&pix=31579697&cb=1683836589343&uv=3275&tms=1683836589343&su=3&abt=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 6C37 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
def0dc1680d9e3cc3bfff20c89bf5dea9e1c1378c076c9af82616efb7d168db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 15:40:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69470
Connection
keep-alive
Content-Length
10019
Expires
Fri, 12 May 2023 15:40:59 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
90 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
http://ultrasurfing.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
Date
Thu, 11 May 2023 20:23:09 GMT
Via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
X-Amz-Cf-Pop
FRA60-P1
Age
3872943
X-Cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
90784
X-Served-By
cache-fra-eddf8230126-FRA
Last-Modified
Sun, 02 Jul 2017 20:40:57 GMT
Server
AmazonS3
X-Timer
S1683836589.392266,VS0,VE0
ETag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
X-Cache-Hits
1120277
view
securepubads.g.doubleclick.net/pcs/ Frame 9AF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNDwM__1NZpEj1zY2unUQ1cTT6AGWlskCUBPJc_-x5rRMRntIm5agGfRLvShkLudMI-YO5No_bL-Xlow4DJcYtam9JbBRQ60p7rbro3WGDrEV2jYaLm9mpZJ71gT_b22L0w71aMPt_ayIbG1p5r5t5uAAd5dzQdAZ91fBjJzXazVKeMYex8D872GveKWTkoRkpD54KDox-0sOuTV31LWlDWKWFAboHLO3d6OmvlVEdxsdnibbZILDyiVh5ly-dADZab7I_Rlehb3RcMfMI0QJeliU0hRSfLs3sv7EUIcXP9ZO1W_WtULjMOBT7txFeJi8lUJ7BvSYw3bRSx02I7ShpmLMCfHA&sai=AMfl-YRIVIA6nMB9buNhbWKm5Oy3HLgZQtdhfiOMK4md4gr9sR0Mh8yw3UBZpDsSNjVJnPhBCt8LmAM7y08iBx_Omx7oMkV31fkgrmx6cM0XBpzaidwtq2nKWaJm9H1mzGUbXarD4gum-kiVHTpXE4nq&sig=Cg0ArKJSzHHL-VBL9XBREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame 9AF6 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b62b2b3850cc248a542b7d3af7a6a13b296b53e51a0edc02986d53cdb6829174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:23:09 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Thu, 11 May 2023 20:28:09 GMT
log
qsearch-a.akamaihd.net/ Frame 9AF6 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587520&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=3246201446238348046&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=2.3526&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=52&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=120x600&f_seg=&prdp=0.3120&ogcbdp=0.6500&dfpbd=0.3120&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202305111435_generic_appn_2-cid_1&viewability=0.4500&dmm_r=0.2820&cut=52&dmm_l=0.2820&as_cache=0&tcyerpm=&content_language=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683836587897&cc=DE&strg=harmony&ss=&video_maxdur=-1&current_hour=20&time_stamp=2023-05-11+20%3A23%3A07&content_network=&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.6500&ct=Saalfeld&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=9009&bdp_bucket=0.60&algo=unison12&dc=eu_be&splid=27587520&dim4=exploration&erpm_mult=1.000000&dn=ultrasurfing.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&dmm_m10=754194&bdp_wider_bucket=1&acid=e5b737c945ad43a7a2f5db35345c98f6&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.4630&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3330850&dmm_m1=2023-05-11+20%3A23%3A07.900548963&e_rpm=0.2170&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.4630&cid=8CUH5EN48&bcrid=424785534&rawbid=0.6500&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-khtm6.BE&dfp_bucket=0.3&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=2454091008&advurl=generalsearch.net%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=50&gpid=27587520&iwb=1&dmm_d22=0.07&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=0.65
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:23:09 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 9AF6 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:23:09 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:23:09 GMT
it
fra1-ib.adnxs.com/ Frame 9AF6 		0
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLlBPBMZQIAAAMA1gAFAQirnfWiBhDk3MCowb3M0y0Y3sCesZyw9OcTKjYJK4cW2c730z8RoMiTpGsmzz8ZAAAAoEfhyj8hoMiTpGsmzz8pK4cJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAtXEXeoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMzI0NjIwMTQ0NjIzODM0ODA0Nl9zYmlkGhMzMjg5NjUyOTQyODUyODYxNTQwIgk0MjQ3ODU1MzQqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE_uzGygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXGwYAOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=ca9078ec955d849cdb920711edde3d5c2fb01c14&pp=0.23119199999999998
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
6645d656-cf16-4b05-8366-2cfe4a8dc4df
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 9AF6 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1338050
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230114-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683836589.472677,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1420572
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9AF6 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:23:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FFF2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJiy2YPoIrnx8Pc-kSJ8psaC7dXSqOirk3JuqcgRptyFj8_NwBj7YbbeXfekjyNhgyKCpHWt9QNFPR3kJQmypjy38LpA2gHBWru2EK7UukdhDsbr8n0HsAYyraFcFy25p1OgiPP9DrXrVm5m9_72zhMYl1S7NirAbMHi4ILcU_CoAcuu_9LpE205Zd9J8N6Gl51B00BJ-FG73wqnC-B0-nBSXH-maBMx4vUdsjQWJ-J0DkTyETCYrykyWyzFnOoRtV230nMluQb2nUWt4LcbkHsqPDWs3QirTe5p3cNYaXk5IUpx6iUmC88_1QOlBnBVeV390JdD1eiiZep-_kyLEptw&sai=AMfl-YTtdfuYMMZ-7TlHYUoBHPTH7hLH6Pb32gQy7HrNe3Uhzkk0a3qunWiTv0DPlpJ77-Wwl8DtcqQchEX0uB0tBqj5CHRmK16aoQUTY99e5YjZwRmOrMGCmtGkKyTbkxCV27dztmlUHOtxq-qOVmz2&sig=Cg0ArKJSzADlx29c6JvvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame FFF2 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d81ee707aa39bd2584d53e68e2411fcb80e123ce679c8b98e7917703fded80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:23:09 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Thu, 11 May 2023 20:28:09 GMT
log
qsearch-a.akamaihd.net/ Frame FFF2 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587523&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=3246201446238348046&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=1.0321&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=48&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=970x90&f_seg=&prdp=0.1092&ogcbdp=0.2100&dfpbd=0.1092&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202305111435_generic_appn_2-cid_1&viewability=0.8300&dmm_r=0.2230&cut=48&dmm_l=0.2230&as_cache=1&tcyerpm=&content_language=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683836587893&cc=DE&strg=harmony&ss=&video_maxdur=-1&current_hour=20&time_stamp=2023-05-11+20%3A23%3A07&content_network=&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.2100&ct=Saalfeld&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=9009&bdp_bucket=0.20&algo=unison12&dc=eu_be&splid=27587523&dim4=exploration&erpm_mult=1.000000&dn=ultrasurfing.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=3dceafab19ac42d68dbaf3d9eda130d4&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.1840&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=5&visibility=1&totalTime=5693130&dmm_m1=2023-05-11+20%3A23%3A07.901146685&e_rpm=0.0670&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.1840&cid=8CUH5EN48&bcrid=424785561&rawbid=0.2100&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-khtm6.BE&dfp_bucket=0.1&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=2454091008&advurl=generalsearch.net%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=50&gpid=27587523&iwb=1&dmm_d22=0.03&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=0.21
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:23:09 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame FFF2 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:23:09 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:23:09 GMT
it
fra1-ib.adnxs.com/ Frame FFF2 		0
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLiBPBAYgIAAAMA1gAFAQirnfWiBhCQ0ffc9fiwTBjewJ6xnLD05xMqNgmBlUOLbOe7PxH5g4Hn3sO1PxkAAABA4XrUPyEREgQpgQ0kBDEABRuopD8ww-eTDTinPUCVCUhgUJntxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG9IEBmAHKB6ABWqgBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACtftc6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMUoAMBqgM_EhgzMjQ2MjAxNDQ2MjM4MzQ4MDQ2X3NiaWQaETQyOTk5NDU3NDYzMDAzMjgwIgk0MjQ3ODU1NjEqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEme3GygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAJOQkBbBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkJIgAABSQM2gcGCAUJZOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=5fa838269cdd977fd486b1a5c130440378f0307c&pp=0.080769
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
205b029b-df7a-4db2-83b8-22ab2f6c0d43
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame FFF2 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1338050
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230114-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683836589.482559,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1420573
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFF2 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:23:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5C59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJAuTN6cnRP140UYiEPEDXolq0BzqqccaAvxU-Fp_zwqDzEQPWBsoDaIZYtppp60N0MeBnQ_nF0I8bUz2HxKOzQm0ChSiHDMpsVydGHjhalBJxeELeOO0amB4efAcmIXcOUB4Y2c6ePcH_wV3e510a0gk8SdkoJRitTuoSmC0Mg9qgngcrpucc1jtxWGkU0ayjMfwCzvkEGyh2tPVqkovLXYJ46Ndq2wmdNuHNnjMc71SkxeOgLSZU_JYxYJY8anOFdgo5zZXOmmZcAjo8XyHIlYhyFGgi7R-hcCteq4vEyON1aGLtF03P0DGhYbb9w8YvOPPFGBmvzL_F5oZuiPo9&sai=AMfl-YS5vOjkwHCsY_1qDXpYIjUGnxAn-Ezn0Pu8jg__-A_7WvRh9WIqkCoqDJCoECi6NHLUrmSacl6rtc_MttFWbA7ORn3UsEM9G2GjmdlkwHW-agAXFKHheorzrfbTxt53DW7MESQLdNZrSjaG7Npb&sig=Cg0ArKJSzODx_KXevYVcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame 5C59 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
97a216fe2a7673830669c4353c36cd36c58c137aeecedf5f47d90541e620ccea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 May 2023 20:23:09 GMT
server
Apache
etag
"289abd0d1ebc97edf31de79ccd4e72b0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Thu, 11 May 2023 20:28:09 GMT
log
qsearch-a.akamaihd.net/ Frame 5C59 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=27587518&content_context=-1&content_channel=&other_prv=462&jar_err=&current_day=4.0&adtyp=0&req_id=3246201446238348046&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=2.1790&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=52&floor_bucket=0.00&gpid_format=DEFAULT&seat=462&rc=-1&size=120x600&f_seg=&prdp=0.3216&ogcbdp=0.6700&dfpbd=0.3216&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202305111435_generic_appn_2-cid_1&viewability=0.5700&dmm_r=0.2820&cut=52&dmm_l=0.2820&as_cache=0&tcyerpm=&content_language=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ultrasurfing.com%2F&bidrestime=1683836587897&cc=DE&strg=harmony&ss=&video_maxdur=-1&current_hour=20&time_stamp=2023-05-11+20%3A23%3A07&content_network=&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.6700&ct=Saalfeld&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=9009&bdp_bucket=0.60&algo=unison12&dc=eu_be&splid=27587518&dim4=exploration&erpm_mult=1.000000&dn=ultrasurfing.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&dmm_m10=878316&bdp_wider_bucket=1&acid=803e0d021a5b473b8eb0ba2845461904&zone=b&infl=&o_ver=NT+10.0&br_ver=113.0.5672.92&bdmm_m6=1.0000&bdmm_m7=0.4900&bdmm_m5=1.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3192470&dmm_m1=2023-05-11+20%3A23%3A07.900719570&e_rpm=0.2240&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.4900&cid=8CUH5EN48&bcrid=424785534&rawbid=0.6700&seat_id=462&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-8549976cf7-khtm6.BE&dfp_bucket=0.3&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=2454091008&advurl=generalsearch.net%2F&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=50&gpid=27587518&iwb=1&dmm_d22=0.07&second_bid=0.000000&sc_pvid=462&capd=0&other_bids=0.67
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 May 2023 20:23:09 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 5C59 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 11 May 2023 20:23:09 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 11 May 2023 21:23:09 GMT
it
fra1-ib.adnxs.com/ Frame 5C59 		0
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLlBPBMZQIAAAMA1gAFAQirnfWiBhCfoIy8ybv8qhcY3sCesZyw9OcTKjYJz_dT46Wb1D8RFw6EZAET0D8ZAAAAwPUozD8hFw6EZAET0D8pz_cJJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgArT7XOoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMzI0NjIwMTQ0NjIzODM0ODA0Nl9zYmlkGhMxNjgxNTE1OTY1NjI5Nzk2MzgzIgk0MjQ3ODU1MzQqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE_uzGygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXGwYAOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=a033fa14ae057a9c497a1b337c898bdd2b59e627&pp=0.23860199999999998
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
3479ee07-b219-4af1-8ff1-914b623949e1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 5C59 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Thu, 11 May 2023 20:23:09 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1338051
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230040-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683836589.484405,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 710545
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C59 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 20:23:09 GMT
bulk
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
24
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1683836589.489912,VS0,VE24
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 9EA6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9EA6 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e341:f6b2:dd43:a873 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1683836590.529055,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1683836590.529036,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usync.html
eus.rubiconproject.com/ Frame F066 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 May 2023 20:23:09 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6C37 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LHJKTUJG-8-8IU6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date
Thu, 11 May 2023 20:23:09 GMT
Via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
Age
21416
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
X-Served-By
cache-fra-eddf8230042-FRA
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1683836590.568169,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type
image/png
abp
35
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
9061
sodar
pagead2.googlesyndication.com/pagead/ Frame D8BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305080101&jk=510136224565145&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
dcm
aax-eu.amazon-adsystem.com/s/
Redirect Chain
  • https://tracker.neodatagroup.com/cm?eid=31018f6a990059d&pv=AMAZON&sid=1&rd=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Dd0592a87-ff14-499d-9eda-8641b59e11c0%26id%3D31018f6a990059d
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=31018f6a990059d
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=31018f6a990059d&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=31018f6a990059d&dcc=t
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A109N3AJD2JKHCT571DK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B5HJYHYTXZB01Z92F71J
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=31018f6a990059d&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F066 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
def0dc1680d9e3cc3bfff20c89bf5dea9e1c1378c076c9af82616efb7d168db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 15:40:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69470
Connection
keep-alive
Content-Length
10019
Expires
Fri, 12 May 2023 15:40:59 GMT
iframe
pixel.mathtag.com/sync/ Frame 2BDE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: http://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master zrh-pixel-x5 config_version:"unknown" /
Resource Hash
c9d733f780513695338ff44ca1405e9a455925ac3c830632d66bd8b0875b47a7

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
961
Content-Type
text/html
Date
Thu, 11 May 2023 20:23:09 GMT
Expires
Thu, 11 May 2023 20:23:08 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x5 config_version:"unknown"
Vary
Accept-Encoding
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 725C 		75 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589609250702&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10154f16cf4023d4e00fcc84c21754ba7f70916dc2580bfb6af6b6a2104d8a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
27426
content-type
text/html
date
Thu, 11 May 2023 20:23:09 GMT
expires
Thu, 11 May 2023 20:23:09 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-vw6m
checksync.php
contextual.media.net/ Frame 1E69 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:23:09 GMT
expires
Sat, 13 May 2023 20:23:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 5C59 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1944&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=813823675&vi=1683836589609250702&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785047&r=1683836589735&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22uHF.h9.uuh.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22_q%22%2C%22QQN75%22%3A%22b11jkJjO%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1683836589175421285&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p11032739874t202305112023&vgd_pgids=1&vgd_uspa=0&hvsid=00001683836589731024540910082403&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:09 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:23:09 GMT
checksync.php
contextual.media.net/ Frame FC0B 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:23:09 GMT
expires
Sat, 13 May 2023 20:23:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 5C59 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4560&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=3246201446238348046&vid=3246201446238348046&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=TH&ct=Saalfeld&zip=07318&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-khtm6.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=9009&gender=O&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=37.252.172.137&s_city=frankfurt+am+main&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=31&pvid=462&prvAccId=813823675&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=56914509663125_477120130_10163351424621&reqsize=120x600&size=120x600&chnl=HARMONY&bdp=0.670&cbdp=0.322&og_cbdp=0.670&ogbdp=0.67&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.322&dt=O&dbf=1&epc=813823675&s=1&snm=SUCCESS&pcrid=8CU62MU8E-813823675-19-1&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=57&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683836587897&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785534&strg=HARMONY&stagid=27587518&vls=0&scrid=424785534&mang=1&pvdTmax=108&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587518&mx_tgs=120x600%7C160x600%7C300x250%7C300x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587518&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=803e0d021a5b473b8eb0ba2845461904&rtime=12.0&wsip=mowx-7d6f88db94-zj7vx&ltime=19.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=1681515965629796383&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587518&insl=0&mowxReqId=803e0d021a5b473b8eb0ba2845461904_1&ecp=0.22&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587518&supplyTagId=27587518&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=21&debug_ts=2023-05-11+20%3A23%3A07&__expireat=1683837188155&mview=1&rme=adm&bdata=~bx_len%3D957~bid%3D0.670~bx_asn%3D9009~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010000~bx_size%3D120x600~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DSAALFELD~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D50~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.07~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.079~dmm_m1%3D0.224~dmm_m10%3D1.000~dmm_m11%3D0.957~dmm_m12%3D0.490~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.030~dmm_m16%3D0.230~dmm_m2%3D0.162~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D20~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D153.000~dmm_m36%3D153.000~dmm_m39%3D169.000~dmm_m40%3D169.000~dmm_m43%3D0.755~dmm_m5%3D1.000~dmm_m51%3D153.000~dmm_m52%3D0.565~dmm_m6%3D1.000~dmm_m7%3D0.490~dmm_m9%3D1.000~dmm_r%3D0.282~e_rpm%3D0.224~erpm%3D0.224~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D146.70.117.0~r_sc%3DTH~rbo%3D5_3~seller_tag_id%3D27587518~std%3D27587518~visibility%3D1~supply_tag_id%3D27587518%7Eviewability%3D0.565079%7Ecbdp%3D0.670%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D0.670%7Eitype_id%3D16%7Eseller_tag_id%3D27587518%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&utime=1851&sf=0&cpr=0.75160691363367
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:23:09 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C1EB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 11 May 2023 20:23:09 GMT
ETag
"623de86a-cf34"
Expires
Fri, 12 May 2023 20:23:11 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 5C59 		0
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKkBPBMJAIAAAMA1gAFAQirnfWiBhDk3MCowb3M0y0Y3sCesZyw9OcTKjYJK4cW2c730z8RoMiTpGsmzz8ZAAAAoEfhyj8hoMiTpGsmzz8pK4cJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvQ-AZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAtXEXeoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA7uiNuADAOgDAPgDA4AEAJIEEC9vcGVucnRiMi9wcmViaWSYBACiBA0xNDYuNzAuMTE3LjY5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBP7sxsoBiAUBmAUAoAWOxpXDwuC0hi2qBSRiZmJmZDcyYi1mMjFkLTRlZWEtOTYzNy1kODNlNWZmNGVjMDHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChABQS4BAGwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESgBJAjaBwYJ32TgBwDqBwIIAPAHlyeKCAIQAJUIAACAP5gIAQ..&s=3fffb1d1991ad92f77063fbd03ca3265bfaca58d&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
4ba09b05-49dc-4e28-a49c-dcfa75882d60
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
pixel.mathtag.com/comp/ 		0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:23:08 GMT
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 3E93 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 23:41:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
247308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 23:41:21 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame B0C0 		72 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589300891769&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=487003955&size=970x90&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bacd1ad6028a1bad78360ebc3259fcd206735b424b6b62315c206e447451828d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26908
content-type
text/html
date
Thu, 11 May 2023 20:23:09 GMT
expires
Thu, 11 May 2023 20:23:09 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-vw6m
checksync.php
contextual.media.net/ Frame 25EF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:23:09 GMT
expires
Sat, 13 May 2023 20:23:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame FFF2 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1928&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=487003955&vi=1683836589300891769&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785047&r=1683836589797&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22uHF.h9.uuh.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22_q%22%2C%22QQN75%22%3A%22b11jkJjO%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1683836589100690221&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p11032739874t202305112023&vgd_pgids=3&vgd_uspa=0&hvsid=00001683836589793024540910085008&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:09 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:23:09 GMT
checksync.php
contextual.media.net/ Frame BBFB 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:23:09 GMT
expires
Sat, 13 May 2023 20:23:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame FFF2 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4518&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=3246201446238348046&vid=3246201446238348046&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=TH&ct=Saalfeld&zip=07318&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-khtm6.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=9009&gender=O&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=37.252.172.137&s_city=frankfurt+am+main&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=31&pvid=462&prvAccId=487003955&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=17171410424844_1938273905_10163351414621&reqsize=970x90&size=970x90&chnl=HARMONY&bdp=0.210&cbdp=0.109&og_cbdp=0.210&ogbdp=0.21&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.109&dt=O&dbf=1&epc=487003955&s=1&snm=SUCCESS&pcrid=8CU62MU8E-487003955-19-0&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=83&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683836587893&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785561&strg=HARMONY&stagid=27587523&vls=0&scrid=424785561&mang=1&pvdTmax=108&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587523&mx_tgs=728x90%7C970x90&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587523&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=3dceafab19ac42d68dbaf3d9eda130d4&rtime=8.0&wsip=mowx-7d6f88db94-bk7mc&ltime=15.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=42999457463003280&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587523&insl=0&mowxReqId=3dceafab19ac42d68dbaf3d9eda130d4_1&ecp=0.32&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587523&supplyTagId=27587523&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=21&debug_ts=2023-05-11+20%3A23%3A07&__expireat=1683837188155&mview=1&rme=adm&bdata=~bx_len%3D941~bid%3D0.210~bx_asn%3D9009~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010010~bx_size%3D970x90~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DSAALFELD~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D70~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.030~dmm_m1%3D0.067~dmm_m10%3D1.000~dmm_m11%3D0.981~dmm_m12%3D0.184~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.982~dmm_m16%3D0.161~dmm_m2%3D0.163~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D9~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D153.000~dmm_m36%3D153.000~dmm_m39%3D169.000~dmm_m40%3D169.000~dmm_m5%3D1.000~dmm_m51%3D153.000~dmm_m52%3D0.829~dmm_m6%3D1.000~dmm_m7%3D0.184~dmm_m9%3D1.000~dmm_r%3D0.223~e_rpm%3D0.067~erpm%3D0.067~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D146.70.117.0~r_sc%3DTH~rbo%3D5_3~seller_tag_id%3D27587523~std%3D27587523~visibility%3D1~supply_tag_id%3D27587523%7Eviewability%3D0.829002%7Ecbdp%3D0.210%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D0.210%7Eitype_id%3D16%7Eseller_tag_id%3D27587523%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&utime=1912&sf=0&cpr=0.9787909820661107
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:23:09 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6B1E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 11 May 2023 20:23:09 GMT
ETag
"623de86a-cf34"
Expires
Fri, 12 May 2023 20:23:11 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame FFF2 		0
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKkBPBMJAIAAAMA1gAFAQirnfWiBhDk3MCowb3M0y0Y3sCesZyw9OcTKjYJK4cW2c730z8RoMiTpGsmzz8ZAAAAoEfhyj8hoMiTpGsmzz8pK4cJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvQ-AZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAtXEXeoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA7uiNuADAOgDAPgDA4AEAJIEEC9vcGVucnRiMi9wcmViaWSYBACiBA0xNDYuNzAuMTE3LjY5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBP7sxsoBiAUBmAUAoAWOxpXDwuC0hi2qBSRiZmJmZDcyYi1mMjFkLTRlZWEtOTYzNy1kODNlNWZmNGVjMDHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChABQS4BAGwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESgBJAjaBwYJ32TgBwDqBwIIAPAHlyeKCAIQAJUIAACAP5gIAQ..&s=3fffb1d1991ad92f77063fbd03ca3265bfaca58d&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
54bd8bc5-0beb-4127-8ce6-ee407796c85c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6C37 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
nd583fFZPp3l3twcIlc4AA
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 6C37
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nd583fFZPp3l3twcIlc4AA?csrc=&gdpr=1&us_privacy=1---
0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/nd583fFZPp3l3twcIlc4AA?csrc=&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2a05:d018:d29:3605:e341:f6b2:dd43:a873 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/nd583fFZPp3l3twcIlc4AA?csrc=&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6C37
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2V72BZE1SMB8RQWETVHN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
89KC6981GM10NK61G88M
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6C37
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
921RH3DERWY2XN8HW09A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R55KGXSPPT6N7KY5NME6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6C37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENCD0UTa4VWDeD_3mcnfZ14&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENCD0UTa4VWDeD_3mcnfZ14&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENCD0UTa4VWDeD_3mcnfZ14&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C37
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhKS1RVSkctOC04SVU2&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEC-NWGOU2KvuiHd2dEf26G8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKS1RVSkctOC04SVU2&google_push=&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKS1RVSkctOC04SVU2&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKS1RVSkctOC04SVU2&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
setuid
px.ads.linkedin.com/ Frame 6C37
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJKTUJG-8-8IU6&gdpr=1&us_privacy=1---
0
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJKTUJG-8-8IU6&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
2620:109:c002::6cae:a14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:10 GMT
Server
Play
X-Li-Pop
prod-lva1-x
LinkedIn-Action
1
X-Li-Fabric
prod-lva1
X-LI-Proto
http/1.1
Connection
keep-alive
content-length
0
X-LI-UUID
AAX7cMHRJ9Ej5RAKWlWIbw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJKTUJG-8-8IU6&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6C37
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2U5NGFlMmZlZTYwOWQzMjEzODE3MDFkN2FkMjgwZDllNjE1ZGUxZQ&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2U5NGFlMmZlZTYwOWQzMjEzODE3MDFkN2FkMjgwZDllNjE1ZGUxZQ&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2U5NGFlMmZlZTYwOWQzMjEzODE3MDFkN2FkMjgwZDllNjE1ZGUxZQ&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 7EAB 		75 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589150294967&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
677006961ded05219b7cf7cefed3467b560322ff62906e5c6090a21148a204aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
27402
content-type
text/html
date
Thu, 11 May 2023 20:23:10 GMT
expires
Thu, 11 May 2023 20:23:10 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-chwq
checksync.php
contextual.media.net/ Frame A785 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5881
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:23:09 GMT
expires
Sat, 13 May 2023 20:23:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 9AF6 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1944&&vgd_cdv=950&vgd_tsce=L130&vgd_cage=0&vgd_chkp=9028221|||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=813823675&vi=1683836589150294967&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785047&r=1683836589846&requrl=http%3A%2F%2Fultrasurfing.com&vgde_bdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22uHF.h9.uuh.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22_q%22%2C%22QQN75%22%3A%22b11jkJjO%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1683836589138167259&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p11032739874t202305112023&vgd_pgids=3&vgd_uspa=0&hvsid=00001683836589842024540910086697&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:09 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:23:09 GMT
checksync.php
contextual.media.net/ Frame 026C 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033%2C171%2C175%2C178%2C157%2C3018%2C159%2C214%2C313%2C3014%2C459%2C319%2C97%2C77%2C99%2C56%2C59%2C20000%2C38%2C182%2C184%2C141%2C262%2C460%2C461%2C462%2C188%2C222%2C201%2C246%2C4%2C203%2C225%2C10000%2C80%2C9%2C109%2C208%2C82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 11 May 2023 20:23:09 GMT
expires
Sat, 13 May 2023 20:23:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 9AF6 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4542&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CUH5EN48&reqid=3246201446238348046&vid=3246201446238348046&dn=ultrasurfing.com&rawDn=ultrasurfing.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fultrasurfing.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=TH&ct=Saalfeld&zip=07318&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-8549976cf7-khtm6.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=9009&gender=O&sckfl=0&smbrid=7847&usp_status=0&usp_enf=1&pexid=APPNEXUS-995806&geoll=false&is_ortb=true&s_ip=37.252.172.137&s_city=frankfurt+am+main&commit_id=e2f64558&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-11+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=31&pvid=462&prvAccId=813823675&prvApiId=8CU62MU8E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=101633514&prspt=headerBid&prvReqId=61707283048518_491291210_10163351424621&reqsize=120x600&size=120x600&chnl=HARMONY&bdp=0.650&cbdp=0.312&og_cbdp=0.650&ogbdp=0.65&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.312&dt=O&dbf=1&epc=813823675&s=1&snm=SUCCESS&pcrid=8CU62MU8E-813823675-19-5&tpbTkn=false&exid=220&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=45&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683836587897&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785534&strg=HARMONY&stagid=27587520&vls=0&scrid=424785534&mang=1&pvdTmax=108&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CU62MU8E&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU62MU8E&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27587520&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27587520&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=250a703d73&acid=e5b737c945ad43a7a2f5db35345c98f6&rtime=13.0&wsip=mowx-7d6f88db94-6fd9x&ltime=19.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=3289652942852861540&reftime=15000&reftype=0&keywordSellerId=false&dsid=27587520&insl=0&mowxReqId=e5b737c945ad43a7a2f5db35345c98f6_1&ecp=0.21&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=27587520&supplyTagId=27587520&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=21&debug_ts=2023-05-11+20%3A23%3A07&__expireat=1683837188155&mview=1&rme=adm&bdata=~bx_len%3D957~bid%3D0.650~bx_asn%3D9009~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010000~bx_size%3D120x600~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DSAALFELD~dc%3Dgcp-eu-west1-b~dmm_d12%3D1~dmm_d15%3D1~dmm_d16%3D3~dmm_d18%3D30~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.07~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d52%3D0.00~dmm_l%3D0.077~dmm_m1%3D0.217~dmm_m10%3D1.000~dmm_m11%3D0.957~dmm_m12%3D0.463~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.996~dmm_m16%3D0.230~dmm_m2%3D0.167~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D20~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.013~dmm_m34%3D1.000~dmm_m35%3D153.000~dmm_m36%3D153.000~dmm_m39%3D169.000~dmm_m40%3D169.000~dmm_m43%3D0.755~dmm_m5%3D1.000~dmm_m51%3D153.000~dmm_m52%3D0.453~dmm_m6%3D1.000~dmm_m7%3D0.463~dmm_m9%3D1.000~dmm_r%3D0.282~e_rpm%3D0.217~erpm%3D0.217~hc%3D0%20%2B%200~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D146.70.117.0~r_sc%3DTH~rbo%3D5_3~seller_tag_id%3D27587520~std%3D27587520~visibility%3D1~supply_tag_id%3D27587520%7Eviewability%3D0.452681%7Ecbdp%3D0.650%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D1%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.013%7Eogbid%3D0.650%7Eitype_id%3D16%7Eseller_tag_id%3D27587520%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&utime=1964&sf=0&cpr=0.6178865268442888
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 11 May 2023 20:23:09 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 11E2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://ultrasurfing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 11 May 2023 20:23:09 GMT
ETag
"623de86a-cf34"
Expires
Fri, 12 May 2023 20:23:11 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 9AF6 		0
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QKkBPBMJAIAAAMA1gAFAQirnfWiBhDk3MCowb3M0y0Y3sCesZyw9OcTKjYJK4cW2c730z8RoMiTpGsmzz8ZAAAAoEfhyj8hoMiTpGsmzz8pK4cJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvQ-AZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAtXEXeoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA7uiNuADAOgDAPgDA4AEAJIEEC9vcGVucnRiMi9wcmViaWSYBACiBA0xNDYuNzAuMTE3LjY5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBP7sxsoBiAUBmAUAoAWOxpXDwuC0hi2qBSRiZmJmZDcyYi1mMjFkLTRlZWEtOTYzNy1kODNlNWZmNGVjMDHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChABQS4BAGwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESgBJAjaBwYJ32TgBwDqBwIIAPAHlyeKCAIQAJUIAACAP5gIAQ..&s=3fffb1d1991ad92f77063fbd03ca3265bfaca58d&bdref=http%3A%2F%2Fultrasurfing.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fultrasurfing.com%2F,http%3A%2F%2Fultrasurfing.com%2F&
Requested by
Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
8152e9d2-9a27-43ae-bde5-8ff044d72206
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
pixel.mathtag.com/misc/ Frame 2BDE 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=481431&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:09 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 May 2023 20:23:08 GMT
truncated
/ Frame 5C59 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68d791c7328cf3639b190a4193d6104d3987a5da05874bc3da2ca7e30de1e818

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame C1EB 		0
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
d9d9539b-8ce1-44d3-b237-6388b285fdec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame FFF2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
498cbfb788d5d300c585a932cbccb3eed28851148ffc415a6a4314b3a723b45c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 6B1E 		0
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:09 GMT
AN-X-Request-Uuid
1be25544-8ce2-4bfa-b64e-7aec8e32a4ec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 11E2 		0
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
AN-X-Request-Uuid
86fffd06-7a7d-4069-84e4-9bbb9939ff59
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
pixel.mathtag.com/comp/ Frame 2BDE 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master zrh-pixel-x10 config_version:"unknown" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:10 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x10 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 May 2023 20:23:09 GMT
vevent
fra1-ib.adnxs.com/ Frame 5C59 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLlBPBMZQIAAAMA1gAFAQirnfWiBhCfoIy8ybv8qhcY3sCesZyw9OcTKjYJz_dT46Wb1D8RFw6EZAET0D8ZAAAAwPUozD8hFw6EZAET0D8pz_cJJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgArT7XOoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMzI0NjIwMTQ0NjIzODM0ODA0Nl9zYmlkGhMxNjgxNTE1OTY1NjI5Nzk2MzgzIgk0MjQ3ODU1MzQqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE_uzGygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXGwYAOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=a033fa14ae057a9c497a1b337c898bdd2b59e627&type=nv&nvt=5&jm=1003&px=1065&py=487&bw=120&bh=600&sid=2983365921538830166&vd=ct~0|rr~0&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587518&sw=1600&sh=1200&pw=1600&ph=6274&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
AN-X-Request-Uuid
80ffdb84-1723-488b-92e0-8b8dd7eafa2f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5C59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqOO6jsQj_Yh5bnOQ2RWyTukCDTD3Ysw2xr0nzFJzQTxWse4dBeQFQ9bY3cUekydraQn1F__BcCB4FXoC3UaCbSyRQLurJnNWqCfdNI0Yx28S3E1ouZjHiUMBzerzQGGEVQZr7u2fK-HhxXTSH0dXMScME_mMhte4RqobLk9Uvm6N5gk8g96X0HT9kkppnc09XDH5RB9i9pUQGFsthHz6nbMsAfg9pgUSTjQ3inMaPG_RXxB_eCz4LlV3JyGtt8W6qdXqO2qbgAR_CH-qcKtYbUXhbHhu_2Bqyz6RaLEdqHyNdAEQ4rzCSL0zwhQ72FUqYSieYMy31jpadMJ8JipaQ5eI&sai=AMfl-YQFYZyt78asHx-2F4k0ZxA9NZKUbvwcyyx0sBef1XDt0HUEXeQpGrkcnvWwtaXpZz-Ajmv1rVaMJUrxEE9-2LAYlQQ9wuoxH-RNoT6QT0f4LrZx7rdba7X9ybg7LuOMxxp8l8AEGjGAY5ioK-BE&sig=Cg0ArKJSzE5i_XyM-010EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:23:10 GMT
truncated
/ Frame 9AF6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c270ac6f9b1eaa604644944df4bb59aa3b1faec39335d02071e1fd27b608531

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame FFF2 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLiBPBAYgIAAAMA1gAFAQirnfWiBhCQ0ffc9fiwTBjewJ6xnLD05xMqNgmBlUOLbOe7PxH5g4Hn3sO1PxkAAABA4XrUPyEREgQpgQ0kBDEABRuopD8ww-eTDTinPUCVCUhgUJntxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG9IEBmAHKB6ABWqgBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACtftc6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMUoAMBqgM_EhgzMjQ2MjAxNDQ2MjM4MzQ4MDQ2X3NiaWQaETQyOTk5NDU3NDYzMDAzMjgwIgk0MjQ3ODU1NjEqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEme3GygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAJOQkBbBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkJIgAABSQM2gcGCAUJZOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=5fa838269cdd977fd486b1a5c130440378f0307c&type=nv&nvt=5&jm=1003&px=315&py=1110&bw=970&bh=90&sid=2983365921538830166&vd=ct~0|rr~0&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587523&sw=1600&sh=1200&pw=1600&ph=6274&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
AN-X-Request-Uuid
051a5064-4793-457a-9073-88d1a157448a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FFF2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOgIXrAOoyNlLnqYRsPGilcdA4zsLeYoinx25gu_QAPLjaR2_cSzmHM8N9HzJg7DrHvSlw-QRncNVjAgLARiBYHqI35lGLL0kOtyAqwayNLOFgSYfmpN3QW345K_V6Pg8Cj6-KTbgtvX4WaCIGuAIAiQsxyrTHTisF6H2X4IdUSS3jaXYjilk-5psfSVH6sbZWOPWc29Do4LE3MG-2CyLRAOpFzW7aFImIQzjLC19AdPyMCOtuV697-7VAZWSwZJSgfyHfCsslYmZ3aYOLCVGm1vlrKotI9Hih_Xq9JRxG9yLWxCc4JRlirkYHY0SZDPP4t9pSBeB8gHNNHFz7-9_g8-Fy&sai=AMfl-YTYvwInzMvnmHMXAc5KyY6nIDp6SYj9nM84gpFA315DYsrHI7ai8Ozl7hkfbhalfJByd4K219bMoYeClGJhFvtYKUVorA6tpJIussYU8QBObeVSKxN4BuQkWvN3Jfudc5ZfC37vCaWX6c37GY0b&sig=Cg0ArKJSzDEWNEXAYRG6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:23:10 GMT
truncated
/ Frame 725C 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 725C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 725C 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589609250702&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589609250702&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 12 May 2023 20:23:10 GMT
vevent
fra1-ib.adnxs.com/ Frame 9AF6 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLlBPBMZQIAAAMA1gAFAQirnfWiBhDk3MCowb3M0y0Y3sCesZyw9OcTKjYJK4cW2c730z8RoMiTpGsmzz8ZAAAAoEfhyj8hoMiTpGsmzz8pK4cJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAtXEXeoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMzI0NjIwMTQ0NjIzODM0ODA0Nl9zYmlkGhMzMjg5NjUyOTQyODUyODYxNTQwIgk0MjQ3ODU1MzQqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE_uzGygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXGwYAOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=ca9078ec955d849cdb920711edde3d5c2fb01c14&type=nv&nvt=5&jm=1003&px=345&py=487&bw=120&bh=600&sid=2983365921538830166&vd=ct~0|rr~0&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587520&sw=1600&sh=1200&pw=1600&ph=6274&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
AN-X-Request-Uuid
7ba95262-4e53-4921-9ed0-5a92aa355ab8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9AF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtuKEgZwlRKIpBIZCa8XrUuzpTJNSqFcrsd3wpu1IDnjxYVIRIbgk_2RuALpjlTH_Vm4iKpq_jqVySP4st_VXRg99GHtVXa275FKxm6N434fUZkoLp-HZFz9f5XqSTXQKqIcl-AA6pB8lUl876bqa6-dez6vEyyFFlvuGTPJe4cxBRQ_M5_KLeI53kWXGOnNPiKu9GdzmLotqLt27W7Boj8KKSasHFElQDg-g7qhfL9qZCdj7C8SmcNdkWcrwgt1bdJhI4o8PIOQAlxmzbZomInFpekzku7FmyPmMCek_XWUqLsxsUTCCjmAXEoM_PSOgWg4X_cUN39HYXyp9MXO4AWeUNN8tQLQ&sai=AMfl-YSWC5-aBJiogMP4_m1_jrTfVupC0Nk1i2CmwzQjNObnovFvdpEWUKHzrKxURT0qB6Re-RSBcmQOppf3XIE4WJ2rFS-EH3Euy4NWvSD9tD1C5ZsRSNilcunW1za3m_EViu_GCOL4mY5GZH3CnIDf&sig=Cg0ArKJSzJqWZfvt2lmFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 May 2023 20:23:10 GMT
truncated
/ Frame B0C0 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B0C0 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame B0C0 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589300891769&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=487003955&size=970x90&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589300891769&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=487003955&size=970x90&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 12 May 2023 20:23:10 GMT
truncated
/ Frame 7EAB 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7EAB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 7EAB 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589150294967&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589150294967&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 12 May 2023 20:23:10 GMT
bql.php
lg3.media.net/ Frame 725C 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7453&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380lhSFw34ykwgOn3UY-Rakmlc2ZJT937OlHXDuCHyTCZQypbMHl7hsKR_vfwmLj3fmeCH2od2yCXab2Fo93PY9KxxtUE8UWC9bPDx_PbAMDDs%3D&cme=HXYDkkGkwqNp2zOOvq50Exrz8yRA_TWHv5RJvFZ1PFhis75X0W6nhv2Ff3vyymkZ1ttt_cIiPsdKG5-3Hbs3StZYdL8buF1o774BtkqwH1tBA1eD1z-uMd14IVtkuYqIE2AYGmsLIFoYqH1Lcsv9iHxNOF6aB9G4haCJ0eeNHIW0209mkUQwarvO8ZRdXlwq6wsdk3jJIBzywu_J6jVP-p5UuY65160yMq7M8Txd5ws%3D%7C%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7CynOXz_8dq9-WGu9pDL--2Da2VivfjJpF1H3oZ8XjPDX1aoRIs27hEQIeT5SkSdrrWxEMVZbv4B17ZZuBOMr4z7j6F2QqtZUALy-VrPaA48DG-yLv1mXHYwr2lbJvYRv_0DZJxqb6IhfF2ehJU4NguvnEnfKm1x1L6yFeYPz8O5MZBNODohYbq6O75jReG2HSbFVNjghMylxjpi0OYx-G0kfCbEqvYNb8OD98Fx_6UvfaQp1lHtg_h3Zyv3TupZd848P0IjrMHz8%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQBuG&kwd[]=10+beste+E-Bikes+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=350632923&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1401%7C24%3D70%7C25%3D0%7C22%3D0.0218%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0549%7C14%3D051108%7C15%3D0%7C1%3D0.38%7Cr%3D2%7C60%3D0.27%7C10%3D1.79%7C63%3D0.10%7C62%3D0.29%7C12%3D0.39%7C2%3D1.22%7Cps%3D0.378%7C3%3D0.13%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=10+beste+E-Bikes+im+Test&kwd[]=Die+besten+E-Bike+Angebote&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=330266456&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0677%7C24%3D66%7C25%3D0%7C22%3D0.0225%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0508%7C14%3D051108%7C15%3D0%7C1%3D0.40%7Cr%3D4%7C60%3D0.52%7C10%3D1.79%7C63%3D0.10%7C62%3D0.45%7C12%3D0.35%7C2%3D1.06%7Cps%3D0.378%7C3%3D0.11%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=Die+besten+E-Bike+Angebote&kwd[]=Top+10+E-Bikes&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=326676038&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1218%7C24%3D53%7C25%3D0%7C22%3D0.0253%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0494%7C14%3D051108%7C15%3D0%7C1%3D0.33%7Cr%3D5%7C60%3D0.35%7C10%3D1.79%7C63%3D0.10%7C62%3D0.41%7C12%3D0.32%7C2%3D0.96%7Cps%3D0.378%7C3%3D0.12%7C4%3D3.91&ktd[]=274894749952&ktrkt[]=Top+10+E-Bikes&kwd[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=350438700&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0577%7C24%3D97%7C25%3D0%7C22%3D0.0178%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0472%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D7%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.26%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwd[]=Private+Krankenversicherung+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=329492667&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1153%7C24%3D65%7C25%3D0%7C22%3D0.0226%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0420%7C14%3D051108%7C15%3D0%7C1%3D0.65%7Cr%3D14%7C60%3D0.36%7C10%3D1.79%7C63%3D0.10%7C62%3D0.75%7C12%3D0.54%7C2%3D3.08%7Cps%3D0.378%7C3%3D0.81%7C4%3D1.75&ktd[]=274894749952&ktrkt[]=Private+Krankenversicherung+im+Test&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2287%7C24%3D93%7C25%3D0%7C22%3D0.0183%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0535%7C14%3D051108%7C15%3D0%7C1%3D0.29%7Cr%3D6%7C60%3D0.52%7C10%3D1.79%7C63%3D0.10%7C62%3D0.29%7C12%3D0.23%7C2%3D3.36%7Cps%3D0.378%7C3%3D0.54%7C4%3D4.17&ktd[]=274894749952&ktrkt[]=Sparkonto+mit+5%25+Zinsen&kwd[]=E-Bikes+g%C3%BCnstig+kaufen&kwt[]=391&kbc[]=1262271193&kwp[]=7&kid[]=329660640&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0284%7C24%3D82%7C25%3D0%7C22%3D0.0197%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0443%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D8%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.22%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=E-Bikes+g%C3%BCnstig+kaufen&kwd[]=Kredite+f%C3%BCr+Rentner&kwt[]=391&kbc[]=1262271193&kwp[]=8&kid[]=329517997&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0578%7C24%3D2%7C25%3D0%7C22%3D0.0504%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0437%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D12%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.26%7C4%3D2.03&ktd[]=274894749952&ktrkt[]=Kredite+f%C3%BCr+Rentner&v=1&gdpr=1&geo=50.1%7C8.62&dlper=20&lper=100&lpid=&tsid=3&hint=&cc=DE&wsip=170774691&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22b11jkJjO%22%2C%22QQ8E%22%3A%22uHF.h9.uuh.9%22%2C%22QQQN%22%3A%22_q%22%7D&cid=8CU62MU8E&vi=1683836589609250702&vsid=DefVid&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=13&vgd_l1rakh=1683836589175421285&tsrc=entity&sttm=1683836589731&upk=1683836590.25616&hvsid=00001683836589731024540910082403&verid=3111299&sbdrId=99&vgd_ecrid=424785534&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D9009&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&vgd_cfud=230306&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=120_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A120%3Brend_h%3A600&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683836589731024540910082403&rc=0&rand=1683836590313&acid=803e0d021a5b473b8eb0ba2845461904&matm=1683836590313&vgd_ltimesrc=1&vgd_ltime=979&vgd_rtime=867&vgd_etm=10&vgd_l1hcsd=O76z2%7C3082&vgd_l1ch=1&vgd_lhl=1053&vgd_pgid=p11032739874t202305112023&vgd_csip=rtb-common-8549976cf7-khtm6.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_sticky_rail_0__container__%7CDIV-e9e39a2d-d6d0-4cc6-99a6-ae4a7e87cf4a&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589609250702&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:10 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:23:10 GMT
bql.php
lg3.media.net/ Frame B0C0 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6337&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380lhSFw34ykwgOn3UY-Rakmlc2ZJT937OlHXDuCHyTCZQypbMHl7hsKR_vfwmLj3fmeCH2od2yCXanlvq4mnYklpE0RldMYKIsWNUNP0LHWRU%3D&cme=yW_JYUBk6nsODacdWZLEVpMcb7HYkVQmrWk0BaiJKFfo_MwkJzXCdMqrlR4S4KL5LwYXDxA5b6J6W8kvVD7X2cx5s9IkFQ95i_WDJPumtQ4WU3UjlqwDQrcty5wyClnv1z-27_nEs9l3fKpGN-fjFXohdKfmTWeIzzvTrl4WNrluzijlC-Do9HDa4CmGXm-HxMu2i5hgSK6xIW6cSL9mI-T9-BWYUyBxPW7VDKN33UVcZ-7VUN5Kdg%3D%3D%7C%7CHiAIPw8y-kcG0B-a3kFxonnbAoHC6Jwn8V2jMN7GKOtl6gbJ7zQfOFyGMlX0za-ufyV6eRWC_iXCeJ-i_ybPT4HR6uS2K3DIansEziB-dDwoNfkS0n2b12zDSOO86yvDNFtUwWFMXf9LbW7krrr_bqFlqbtBbJkIeK2OVcdtwwWTF_ZSttfTOQIS6IUjRnihgeKXy9bI41uAQm26JKGmkGp99gWUdCGMTDs91JYWHKBLMDcTGyrWYcD3yAhP14O6edM2RBoC2OU%3D%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Beste+Geldanlage+f%C3%BCr+Rentner&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=350764368&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1056%7C24%3D95%7C25%3D0%7C22%3D0.0180%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D31%7C27%3D0%7C13%3D0.0765%7C14%3D051108%7C15%3D0%7C1%3D0.50%7Cr%3D1%7C62%3D0.70%7C12%3D0.40%7C2%3D1.74%7Cps%3D0.378%7C3%3D0.37%7C4%3D3.55&ktd[]=274894881024&ktrkt[]=Beste+Geldanlage+f%C3%BCr+Rentner&kwd[]=Minijobs+f%C3%BCr+Senioren&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=350764953&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1247%7C24%3D3%7C25%3D0%7C22%3D0.0494%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D47%7C27%3D0%7C13%3D0.0535%7C14%3D051108%7C15%3D0%7C1%3D0.50%7Cr%3D2%7C62%3D0.70%7C12%3D0.40%7C2%3D1.74%7Cps%3D0.378%7C3%3D0.22%7C4%3D4.29&ktd[]=274894881024&ktrkt[]=Minijobs+f%C3%BCr+Senioren&kwd[]=10+beste+E-Bikes+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=350632923&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1401%7C24%3D70%7C25%3D0%7C22%3D0.0218%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0506%7C14%3D051108%7C15%3D0%7C1%3D0.38%7Cr%3D3%7C62%3D0.29%7C12%3D0.39%7C2%3D1.22%7Cps%3D0.378%7C3%3D0.13%7C4%3D4.00&ktd[]=274894881024&ktrkt[]=10+beste+E-Bikes+im+Test&kwd[]=Die+besten+E-Bike+Angebote&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=330266456&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0677%7C24%3D66%7C25%3D0%7C22%3D0.0225%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0470%7C14%3D051108%7C15%3D0%7C1%3D0.39%7Cr%3D4%7C62%3D0.45%7C12%3D0.35%7C2%3D1.03%7Cps%3D0.378%7C3%3D0.11%7C4%3D3.29&ktd[]=274894881024&ktrkt[]=Die+besten+E-Bike+Angebote&kwd[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=350438700&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0577%7C24%3D97%7C25%3D0%7C22%3D0.0178%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0573%7C14%3D051108%7C15%3D0%7C1%3D0.50%7Cr%3D5%7C62%3D0.70%7C12%3D0.40%7C2%3D1.74%7Cps%3D0.378%7C3%3D0.26%7C4%3D4.00&ktd[]=274894881024&ktrkt[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwd[]=Top+10+E-Bikes&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=326676038&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1218%7C24%3D53%7C25%3D0%7C22%3D0.0253%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0451%7C14%3D051108%7C15%3D0%7C1%3D0.33%7Cr%3D6%7C62%3D0.41%7C12%3D0.32%7C2%3D0.96%7Cps%3D0.378%7C3%3D0.12%7C4%3D3.91&ktd[]=274894881024&ktrkt[]=Top+10+E-Bikes&v=1&gdpr=1&geo=50.1%7C8.62&dlper=20&lper=100&lpid=&tsid=15040&hint=&cc=DE&wsip=170774691&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22b11jkJjO%22%2C%22QQ8E%22%3A%22uHF.h9.uuh.9%22%2C%22QQQN%22%3A%22_q%22%7D&cid=8CU62MU8E&vi=1683836589300891769&vsid=DefVid&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1001c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=13&vgd_l1rakh=1683836589100690221&tsrc=entity&sttm=1683836589793&upk=1683836590.20681&hvsid=00001683836589793024540910085008&verid=3111299&sbdrId=99&vgd_ecrid=424785561&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D9009&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&vgd_cfud=230306&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=970_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A90&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683836589793024540910085008&rc=0&rand=1683836590381&acid=3dceafab19ac42d68dbaf3d9eda130d4&matm=1683836590381&vgd_ltimesrc=1&vgd_ltime=1019&vgd_rtime=953&vgd_etm=9&vgd_l1hcsd=O76z2%7C3082&vgd_l1ch=1&vgd_lhl=1055&vgd_pgid=p11032739874t202305112023&vgd_csip=rtb-common-8549976cf7-khtm6.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_sticky_footer_0__container__%7CDIV-b66356ba-4042-4d47-9588-af374e3ef11d&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589300891769&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=487003955&size=970x90&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:10 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:23:10 GMT
bql.php
lg3.media.net/ Frame 7EAB 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7460&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DWRaXKMtvKRO9yCcKHcrHohCawCQ8380lhSFw34ykwgOn3UY-Rakmlc2ZJT937OlHXDuCHyTCZQypbMHl7hsKR_vfwmLj3fmeCH2od2yCXab2Fo93PY9KxxtUE8UWC9bPDx_PbAMDDs%3D&cme=4b8zK1x1PpTEbPhhcVlnhBB729q2pSquANzsPHd654tT8Qglj5MVZ9wgIypqbZQrWs9phyuyyYqeELaqEX2Q7ayIRqwdxi3y7CC5jhsIhsa_VV09rHB44jYCtducMGS9wlaFRGzLKlPRUBMpQpF2Nkg84zdOKwVHcDO1YJpXuTqTOI1Mv2YCLX7d3LaocPcnbr9aN7yl8fQ-e3dN8eaFsnpEgI1cwNK9j1WfsOjj6ng%3D%7C%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISebA6jP66TtNeYZ3NXh_8wt5a8sIJpqUY%3D%7CynOXz_8dq9-WGu9pDL--2Da2VivfjJpF1H3oZ8XjPDX1aoRIs27hEQIeT5SkSdrrWxEMVZbv4B17ZZuBOMr4z7j6F2QqtZUALy-VrPaA48DG-yLv1mXHYwr2lbJvYRv_0DZJxqb6IhfF2ehJU4NguvnEnfKm1x1L6yFeYPz8O5MZBNODohYbq6O75jReG2HSbFVNjghMylxjpi0OYx-G0kfCbEqvYNb8OD98Fx_6UvfaQp1lHtg_h3Zyv3TupZd848P0IjrMHz8%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=10+beste+E-Bikes+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=350632923&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1401%7C24%3D70%7C25%3D0%7C22%3D0.0218%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0549%7C14%3D051108%7C15%3D0%7C1%3D0.38%7Cr%3D2%7C60%3D0.27%7C10%3D1.79%7C63%3D0.10%7C62%3D0.29%7C12%3D0.39%7C2%3D1.22%7Cps%3D0.378%7C3%3D0.13%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=10+beste+E-Bikes+im+Test&kwd[]=Die+besten+E-Bike+Angebote&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=330266456&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0677%7C24%3D66%7C25%3D0%7C22%3D0.0225%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0508%7C14%3D051108%7C15%3D0%7C1%3D0.40%7Cr%3D4%7C60%3D0.52%7C10%3D1.79%7C63%3D0.10%7C62%3D0.45%7C12%3D0.35%7C2%3D1.06%7Cps%3D0.378%7C3%3D0.11%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=Die+besten+E-Bike+Angebote&kwd[]=Top+10+E-Bikes&kwt[]=391&kbc[]=1262271193&kwp[]=3&kid[]=326676038&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1218%7C24%3D53%7C25%3D0%7C22%3D0.0253%7C7%3D0.0002%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0494%7C14%3D051108%7C15%3D0%7C1%3D0.33%7Cr%3D5%7C60%3D0.35%7C10%3D1.79%7C63%3D0.10%7C62%3D0.41%7C12%3D0.32%7C2%3D0.96%7Cps%3D0.378%7C3%3D0.12%7C4%3D3.91&ktd[]=274894749952&ktrkt[]=Top+10+E-Bikes&kwd[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwt[]=391&kbc[]=1262271193&kwp[]=4&kid[]=350438700&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0577%7C24%3D97%7C25%3D0%7C22%3D0.0178%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0472%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D7%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.26%7C4%3D4.00&ktd[]=274894749952&ktrkt[]=Kleider+f%C3%BCr+Frauen+%C3%BCber+65&kwd[]=Private+Krankenversicherung+im+Test&kwt[]=391&kbc[]=1262271193&kwp[]=5&kid[]=329492667&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1153%7C24%3D65%7C25%3D0%7C22%3D0.0226%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0420%7C14%3D051108%7C15%3D0%7C1%3D0.65%7Cr%3D14%7C60%3D0.36%7C10%3D1.79%7C63%3D0.10%7C62%3D0.75%7C12%3D0.54%7C2%3D3.08%7Cps%3D0.378%7C3%3D0.81%7C4%3D1.75&ktd[]=274894749952&ktrkt[]=Private+Krankenversicherung+im+Test&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=6&kid[]=329541714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2287%7C24%3D93%7C25%3D0%7C22%3D0.0183%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0535%7C14%3D051108%7C15%3D0%7C1%3D0.29%7Cr%3D6%7C60%3D0.52%7C10%3D1.79%7C63%3D0.10%7C62%3D0.29%7C12%3D0.23%7C2%3D3.36%7Cps%3D0.378%7C3%3D0.54%7C4%3D4.17&ktd[]=274894749952&ktrkt[]=Sparkonto+mit+5%25+Zinsen&kwd[]=E-Bikes+g%C3%BCnstig+kaufen&kwt[]=391&kbc[]=1262271193&kwp[]=7&kid[]=329660640&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0284%7C24%3D82%7C25%3D0%7C22%3D0.0197%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0443%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D8%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.22%7C4%3D3.29&ktd[]=274894749952&ktrkt[]=E-Bikes+g%C3%BCnstig+kaufen&kwd[]=Kredite+f%C3%BCr+Rentner&kwt[]=391&kbc[]=1262271193&kwp[]=8&kid[]=329517997&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0578%7C24%3D2%7C25%3D0%7C22%3D0.0504%7C7%3D0.0001%7C8%3D051105%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0437%7C14%3D051108%7C15%3D0%7C1%3D0.64%7Cr%3D12%7C60%3D0.75%7C10%3D1.79%7C63%3D0.10%7C62%3D0.70%7C12%3D0.40%7C2%3D2.14%7Cps%3D0.378%7C3%3D0.26%7C4%3D2.03&ktd[]=274894749952&ktrkt[]=Kredite+f%C3%BCr+Rentner&v=1&gdpr=1&geo=50.1%7C8.62&dlper=20&lper=100&lpid=&tsid=3&hint=&cc=DE&wsip=170774882&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22b11jkJjO%22%2C%22QQ8E%22%3A%22uHF.h9.uuh.9%22%2C%22QQQN%22%3A%22_q%22%7D&cid=8CU62MU8E&vi=1683836589150294967&vsid=DefVid&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L130-S130&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=13&vgd_l1rakh=1683836589138167259&tsrc=entity&sttm=1683836589842&upk=1683836590.20799&hvsid=00001683836589842024540910086697&verid=3111299&sbdrId=99&vgd_ecrid=424785534&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D9009&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&vgd_cfud=230306&vgd_scsver=455&vgd_optout=0&vgd_ydspr=1&vgd_rensize=120_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A120%3Brend_h%3A600&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683836589842024540910086697&rc=0&rand=1683836590406&acid=e5b737c945ad43a7a2f5db35345c98f6&matm=1683836590406&vgd_ltimesrc=1&vgd_ltime=1047&vgd_rtime=1000&vgd_etm=12&vgd_l1hcsd=O76z2%7C3082&vgd_l1ch=1&vgd_lhl=1058&vgd_pgid=p11032739874t202305112023&vgd_csip=rtb-common-8549976cf7-khtm6.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=949&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22181265%2C22829021775%2Fultrasurfing_left_sticky_rail_0__container__%7CDIV-2e682939-75f5-4e7c-8e24-d83c3f4761f2&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683836589150294967&gdpr=1&tsce=L130&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=813823675&size=120x600&cc=DE&sc=HE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&rrr=sCGTE7flpaGrLWNLzJT7OBn33iMg-V7y48lRr_GXbwc%3D&nse=5&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&ebdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p11032739874t202305112023&essld=uHF.h9.uuh.9~r4~_q~b11jkJjO&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:10 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:23:10 GMT
generate_204
tpc.googlesyndication.com/ Frame 3E93 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F8PFiw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:23:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
visible
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 		0
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230509-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 11 May 2023 20:23:10 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1683836591.533859,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
http://ultrasurfing.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
log
hblg.media.net/ Frame 5C59 		35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAODAzZTBkMDIxYTViNDczYjhlYjBiYTI4NDU0NjE5MDTUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MTgOMTIweDYwMApldV9iZQQyMxBBUFBORVhVUxI4UFIxMTNKR0MGNDYyABAyNzU4NzUxOAIwPHJ0Yi1jb21tb24tODU0OTk3NmNmNy1raHRtNi5CRRI0MjQ3ODU1MzQCMAAgARBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:10 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Thu, 11 May 2023 20:23:10 GMT
log
hblg.media.net/ Frame 9AF6 		35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAZTViNzM3Yzk0NWFkNDNhN2EyZjVkYjM1MzQ1Yzk4ZjbUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MjAOMTIweDYwMApldV9iZQQyMxBBUFBORVhVUxI4UFIxMTNKR0MGNDYyABAyNzU4NzUyMAIwPHJ0Yi1jb21tb24tODU0OTk3NmNmNy1raHRtNi5CRRI0MjQ3ODU1MzQCMAAgARBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:10 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Thu, 11 May 2023 20:23:10 GMT
log
hblg.media.net/ Frame FFF2 		35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAM2RjZWFmYWIxOWFjNDJkNjhkYmFmM2Q5ZWRhMTMwZDTUt_ZgnAcEREUgdWx0cmFzdXJmaW5nLmNvbRI4Q1VINUVONDgQMjc1ODc1MjMMOTcweDkwCmV1X2JlBDIzEEFQUE5FWFVTEjhQUjExM0pHQwY0NjIAEDI3NTg3NTIzAjA8cnRiLWNvbW1vbi04NTQ5OTc2Y2Y3LWtodG02LkJFEjQyNDc4NTU2MQIwACABEEVYQ0hBTkdFAgJi&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:10 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Thu, 11 May 2023 20:23:10 GMT
cm
tra.neodatagroup.com/ Frame 2BDE 		1 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tra.neodatagroup.com/cm?sid=1&pv=MEDIAMATH&eid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&rt=img&rnd=532834265261
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.101.38.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 May 2023 20:23:10 GMT
Content-Type
image/gif;charset=UTF-8
Connection
keep-alive
Content-Length
1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
img
pixel.mathtag.com/misc/ Frame 2BDE 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=203441&check=598c645d-4ead-4b00-8d25-85ce3a0f7d67&mop_top=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x14 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=598c645d-4ead-4b00-8d25-85ce3a0f7d67&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D532834265261&mt_exid=10082&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:23:10 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x14 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 May 2023 20:23:09 GMT
async_usersync
ib.adnxs.com/ Frame C1EB 		0
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
AN-X-Request-Uuid
b3731b1c-5adb-4b4c-a40b-4a062c72f6dd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6B1E 		0
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:10 GMT
AN-X-Request-Uuid
4809bb9e-e77c-40d8-896b-50120b4b30cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305080101&jk=510136224565145&bg=!-Pul-6_NAAYldGN0BXQ7ADkAdvg8WnxtEM3eVo5Wilone_WAslOMvgVf5znzZmfh2DBPfCkQReA5zE4LreV7kSIr4Y5AuULBF0UCAAABYVIAAAAEaAEHCgC-xWTtA96_VCnltkSySwArqXdT2NZp8RWqXL_mTGgNbD8plXDb9NKyHodob3CcOHeDedfcho0FodtC-d0R6r699fv-jcN5fhAgqzOiMsfGcvEAiaZiFSHr3smVIhfo-TdSJ3D9vM67W3wrO_iNmxlATlD6R4udT43-vCGzFwNtUzmIQFTOdKtgM7xSQ8Sp_Gbw6AYnpDsRsJpdqcetbWdqL05xybRYctdLpqgysdpdazmjsS0ookPftMpb1bUtaZkCqFpZYW8VPN3JaLBEIkqnHT3fWzgdObeHp7l_mfZ0IEbjrJZ46j1Kg13bNCZ1v4MjET5ZY5wywnSGxm9ewS4n-QoOcsgY_ilri_6qJcE7pP41r_wzrXWBfez-xF5zJ0WVJOp5g_hyyOy85AEacpHoXfox2H2W3B1sjZbA7bi6Exw9HO8uZLumKN2PwmJmOiXJh1Rfk93uGTJ1if4dGRmojQ7ZJDeWdDS-KKh-n5_I_Y3IH-6T5O4KyMqGG7PeUZsGnXdNC0MG4k9OUnTez4PDD8XuKHVl_dA2C0OFAMXVsMuYEWXRDkmUPQNWWNy4MtbVahCx1T5VH_8OQTCp_nANXOqmhJAveAJg2ibHSjWxMu6fGMXXxCMufTBKRtXIF8GSbPXN46NhywlyW9iYokN3gLRcxl97wek6hPQK2H55JhOweLxULI3zbcOb7-hXNTBKpzsnaF9v4pEvDo2bM8Is2Igj9ITfF0f5kmxGBd18yoBrn4e9nWKeXIT0AUPUbz-T_m9Z0E8GpwEB13O6One3gYt9GMpUEKDi_P3O1c2u2jRRF9BpyFDjgze9uq2Jep2nqAF8P5fv5QSSWM-yNFgk-MU6Kq9bfHgctqIRrOI05s4M0eqgBTVqjos8b7pyKYBtIl4k7YbfT9Z2TW1x9WDYxVjOdudqkz4vJPUSiDInZ_v-hlIijaJC5-NiKBHVRo9j5czGtbzcHwau-SRtGh_uOn1Asr2wtst1kajjs6SsccPtJ4C-nhCYvpN-v5K5UgRJWB9iSp-uHf5S_qz8kXMQ3hxegsSKT_ixzRgv8j771UzmcHJ9RLgl5Z-63NKXSNLSksZ3aIExOrsIOaPIwDKAUVJbwHLucSoq1puPbDIaIXydcLI8geZVYUlJPptZ4i71pP3zVKFVyFr7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 11E2 		0
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7847&pub_id=995806&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7847&pub_id=995806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:11 GMT
AN-X-Request-Uuid
a5c2d689-8b22-4fae-aa60-deb172fb70af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C59 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7Lpwh_C7weXz-InKrRDUZZJgUEW6XVpYR-kbd3d02sFXlNkXpoCH6zChaC8zG5B7xlBPdqCcPVJdtzDr4MYfxT8uga3VBQ9V44kQtk3H_wKvnIT-B&sig=Cg0ArKJSzNIRHYF9Kl9AEAE&id=lidar2&mcvt=1000&p=487,1065,1091,1185&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=2558321257&rs=4&la=0&cr=0&vs=4&r=v&rst=1683836589443&rpt=742&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FFF2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVZ7ngY-uz5weJH8te9-AG2RpF8Z-TgcjzwVLyBrYfkb9jAUDvdTBYX5G4n66ZissPxWpmvlu7BpPJw3_GrwBpZQolu4UmAAo4BkgrJm0G773UADqZ&sig=Cg0ArKJSzNgVDCi4uiUcEAE&id=lidar2&mcvt=1020&p=1110,315,1204,1285&mtos=0,1020,1020,1020,1020&tos=0,1020,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=288064886&rs=4&la=0&cr=0&vs=4&r=v&rst=1683836589425&rpt=840&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 5C59 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLlBPBMZQIAAAMA1gAFAQirnfWiBhCfoIy8ybv8qhcY3sCesZyw9OcTKjYJz_dT46Wb1D8RFw6EZAET0D8ZAAAAwPUozD8hFw6EZAET0D8pz_cJJMgxAAAA4FG4nj8wvueTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgArT7XOoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMzI0NjIwMTQ0NjIzODM0ODA0Nl9zYmlkGhMxNjgxNTE1OTY1NjI5Nzk2MzgzIgk0MjQ3ODU1MzQqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE_uzGygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXGwYAOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=a033fa14ae057a9c497a1b337c898bdd2b59e627&type=pv&jm=1003&px=1065&py=487&bw=120&bh=600&sf=1&sid=2983365921538830166&vd=ct~0|rr~5&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587518&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:11 GMT
AN-X-Request-Uuid
7899116a-6295-45d9-9af6-8f427520c64f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9AF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv-8XNdF1rU57fJkDRD2h0GpN_1ka-NixsSp_wMad4TJraarlo5qcpSEcIGpACPsQNarZvxBhb8Pj46NK_rC4bWrAKCKLlpbwetVZZbBt_pbkYyCwc&sig=Cg0ArKJSzNmMzxApQPuREAE&id=lidar2&mcvt=1000&p=487,345,1091,465&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=2080800890&rs=4&la=0&cr=0&vs=4&r=v&rst=1683836589398&rpt=959&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 20:23:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame FFF2 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLiBPBAYgIAAAMA1gAFAQirnfWiBhCQ0ffc9fiwTBjewJ6xnLD05xMqNgmBlUOLbOe7PxH5g4Hn3sO1PxkAAABA4XrUPyEREgQpgQ0kBDEABRuopD8ww-eTDTinPUCVCUhgUJntxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgUG9IEBmAHKB6ABWqgBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACtftc6gIYaHR0cDovL3VsdHJhc3VyZmluZy5jb20vgAMAiAMBkAMAmAMUoAMBqgM_EhgzMjQ2MjAxNDQ2MjM4MzQ4MDQ2X3NiaWQaETQyOTk5NDU3NDYzMDAzMjgwIgk0MjQ3ODU1NjEqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEme3GygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAJOQkBbBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkJIgAABSQM2gcGCAUJZOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=5fa838269cdd977fd486b1a5c130440378f0307c&type=pv&jm=1003&px=315&py=1110&bw=970&bh=90&sf=1&sid=2983365921538830166&vd=ct~0|rr~5&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587523&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:11 GMT
AN-X-Request-Uuid
23c38683-38d3-4d36-8566-e6e33459b7cb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 9AF6 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&e=wqT_3QLlBPBMZQIAAAMA1gAFAQirnfWiBhDk3MCowb3M0y0Y3sCesZyw9OcTKjYJK4cW2c730z8RoMiTpGsmzz8ZAAAAoEfhyj8hoMiTpGsmzz8pK4cJJMgxAAAA4FG4nj8wwOeTDTinPUCVCUhgUP7sxsoBWMzOTWAAaMLgZngAgAEBigEDVVNEkgEBBvRIAZgBeKAB2ASoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAtXEXeoCGGh0dHA6Ly91bHRyYXN1cmZpbmcuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMzI0NjIwMTQ0NjIzODM0ODA0Nl9zYmlkGhMzMjg5NjUyOTQyODUyODYxNTQwIgk0MjQ3ODU1MzQqBU0xMTczwAOsAsgDANgDu6I24AMA6AMA-AMDgAQAkgQQL29wZW5ydGIyL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuNjmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE_uzGygGIBQGYBQCgBY7GlcPC4LSGLaoFJGJmYmZkNzJiLWYyMWQtNGVlYS05NjM3LWQ4M2U1ZmY0ZWMwMcAFAMkFAAAAAAAA8D_SBQkJAQoBAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXGwYAOAHAOoHAggA8AeXJ4oIAhAAlQgAAIA_mAgB&s=ca9078ec955d849cdb920711edde3d5c2fb01c14&type=pv&jm=1003&px=345&py=487&bw=120&bh=600&sf=1&sid=2983365921538830166&vd=ct~0|rr~5&sv=232&tv=view7-1h&ua=chrome52&pl=win&x=v&tag_id=27587520&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:11 GMT
AN-X-Request-Uuid
4e00f0b0-111d-4024-ab71-4f40ea47d5d9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bqi.php
lg3.media.net/ Frame 5C59 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=1972&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=120_600&vgd_ren_page_h=6274&vgde_bdata=~G-MjJzviXh~G8Ov9.Fh9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hi~OYYMYuv9.ffH~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.Hi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9A9~OYYMYuFv9.fA9~OYYMYfv9.uFf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.XFX~OYYMYFvu.999~OYYMYhv9.Hi9~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.ffH~JLEYv9.ffH~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXuW~Q7OvfhXWhXuW~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXuW~e8JB1G8j875v9.XFX9hi~NGOEv9.Fh9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.Fh9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXuW~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=813823675&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683836589609250702&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683836589721&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683836589175421285&l1ch=1&l1hcsd=l1!O76z2|3082&tsrc=entity&sttm=1683836589731&upk=1683836590.25616&hvsid=00001683836589731024540910082403&acid=803e0d021a5b473b8eb0ba2845461904&verid=3111299&vgd_sc=HE&infr=1&stime=1683836589457&vgd_ecrid=424785534&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p11032739874t202305112023&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:11 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:23:11 GMT
bqi.php
lg3.media.net/ Frame 9AF6 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=1972&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=120_600&vgd_ren_page_h=6274&vgde_bdata=~G-MjJzviXh~G8Ov9.FX9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuf9-F99~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9h~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9hh~OYYMYuv9.fuh~OYYMYu9vu.999~OYYMYuuv9.iXh~OYYMYufv9.HFA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiF~OYYMYuFv9.fA9~OYYMYfv9.uFh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvf9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYHAv9.hXX~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.HXA~OYYMYFvu.999~OYYMYhv9.HFA~OYYMYivu.999~OYYMLv9.fWf~JMLEYv9.fuh~JLEYv9.fuh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXf9~Q7OvfhXWhXf9~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXf9~e8JB1G8j875v9.HXfFWu~NGOEv9.FX9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.FX9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXf9~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=813823675&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683836589150294967&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683836589837&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683836589138167259&l1ch=1&l1hcsd=l1!O76z2|3082&tsrc=entity&sttm=1683836589842&upk=1683836590.20799&hvsid=00001683836589842024540910086697&acid=e5b737c945ad43a7a2f5db35345c98f6&verid=3111299&vgd_sc=HE&infr=1&stime=1683836589419&vgd_ecrid=424785534&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p11032739874t202305112023&vgd_pgids=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:11 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:23:11 GMT
bqi.php
lg3.media.net/ Frame FFF2 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=1955&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_tsce=L130&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=950&vgd_cage=0&vgd_rensize=970_90&vgd_ren_page_h=6274&vgde_bdata=~G-MjJzviHu~G8Ov9.fu9~G-M1Qzvi99i~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvih9-i9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vbKKTs4Tr~ONvyNEoJxoBJQ7uoG~OYYMOufvu~OYYMOuXvu~OYYMOuFvA~OYYMOuWvh9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXfv9.99~OYYMjv9.9A9~OYYMYuv9.9Fh~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufv9.uWH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWf~OYYMYuFv9.uFu~OYYMYfv9.uFA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvi~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9uA~OYYMYAHvu.999~OYYMYAXvuXA.999~OYYMYAFvuXA.999~OYYMYAivuFi.999~OYYMYH9vuFi.999~OYYMYXvu.999~OYYMYXuvuXA.999~OYYMYXfv9.Wfi~OYYMYFvu.999~OYYMYhv9.uWH~OYYMYivu.999~OYYMLv9.ffA~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~875EJvK00I4tPb~LMNNvr4~LM8EvuHF.h9.uuh.9~LMQNv_q~LGmvXMA~QJjjJLM71yM8OvfhXWhXfA~Q7OvfhXWhXfA~e8Q8G8j875vu~QxEEj5M71yM8OvfhXWhXfA~e8JB1G8j875v9.Wfi99f~NGOEv9.fu9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQvu~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9uA~myG8Ov9.fu9~875EJM8OvuF~QJjjJLM71yM8OvfhXWhXfA~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=487003955&requrl=http%3A%2F%2Fultrasurfing.com&vi=1683836589300891769&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683836589787&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683836589100690221&l1ch=1&l1hcsd=l1!O76z2|3082&tsrc=entity&sttm=1683836589793&upk=1683836590.20681&hvsid=00001683836589793024540910085008&acid=3dceafab19ac42d68dbaf3d9eda130d4&verid=3111299&vgd_sc=HE&infr=1&stime=1683836589439&vgd_ecrid=424785561&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p11032739874t202305112023&vgd_pgids=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ultrasurfing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 11 May 2023 20:23:11 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 11 May 2023 20:23:11 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683836592240&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1518&pt=-952926888&tz=0&viewable=true&ddast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00d9c8238220cfe29182f31403b697ee5eedc2d700ee8b9ad6e94358ad12d847

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

X-Cache-Hits
0
Date
Thu, 11 May 2023 20:23:12 GMT
Content-Encoding
gzip
Via
1.1 varnish
MachineId
1409
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-fra-eddf8230068-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1683836592.242173,VS0,VE70
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1683836595244&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1518&pt=-952926888&tz=0&viewable=true&ddast=V8yYICLAY4wiNqtY_y6RJwhEfUah_l0y0AAABgYID-AElMnIOZaTlxi5yz0Vo08izcyoVvthaOFiuHYbeZLBcuIyCJiXMwMy0nbpFzNlqLRp6FW7nwzdbC0WLlMOw2k-XCZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG2Sg6XT4XPd61dl0eXhel5vT7rNr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFhHg6zzWU2-QMAAAAACAAAAAASAAOG3yUAKLomT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQzgqXzivTnkSiRQsFmEEAAAAQNKorujIJJ2gYlHl__-_3wrAFQCAAESGvSfZLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEVLK1EwTVJOpqeYXEABgzS8gAACbcQMA8EYATtAJgNVJoMFmM1nMVsPZAQAAALjz____rwdkXIvBxGFZzVwuh2W12DgmLodz4VsOlovBbjGxbA-KDOMIbRDdU58QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWmwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHJOXBOXyy1ZjGxu0WQwcSsXK5tbY1ouV57ZxrHYDdai18d0cc1GpsnEiwQDUPYieVqkE8HIM1jNLM7RwjjYLReOkXGyMnk2xonFsvLsNiuLWKI5WaQT2WXfcS0GE4dlNXO5HJbVYuOYuBzOhW85WC4Gu8XEsi-NnBPXxOVySxYjm1s0GUzcysXK5taYlsuVZ7ZxLHaDtej1MV1cs5FpMvE3ZsPNcDNbDXf7xmy4GW5mq-Fu32EyPVOfs1Fcy0k8PsPlW_kZbE6DwmWweH8S02LanR1Uv9_RqXOql0Wd0e_3-_1-v9_v9_sNWs_BbFD4_tbq7vmb2bJ9l-wgNhgUsURwkU5UZ9Pl4Xldbm7V2XR5eF6Xm0UsUZou0om-6He7DA-fy18RSwSni3Qi9LtdFvUfNcRoNtcN5orFbi5brhIAAAAAAAAAgCWYZroJAAAAgJOBbBaLzWqdDmKzGc12q-UCgIif1wUAAAAAAAAAsAu9KGzcSi_Vrlhjj03U2XR5eF6Xm1t1Nl0entflZmUAEPHszDb7jCDWarWsAQAACGADAAAI4KYbbwJUpLj_____cQAAAGTk0AMAAKDfB1RVLvzIhWLPryAGq-Fk_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=nonrv_vA!nrlc_vB!ntvc_vA!rv0lcr_vA!smbs!timeba_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
HTTP/1.1
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d5ec6037ab4fb471bb444bd2a4b170f3ce9f098c6c06675032e71719e8963bcf

Request headers

Referer
http://ultrasurfing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 May 2023 20:23:15 GMT
Content-Encoding
gzip
Server
nginx
MachineId
1474
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
http://ultrasurfing.com
Cache-Control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2037571623&i6=2001:ac8:20:271::1e&r=http%3A%2F%2Fultrasurfing.com%2F
Domain
c.amazon-adsystem.com
URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

421 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| __cfQR function| gtag object| dataLayer object| _taboola string| bs_id_1716 boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data object| aawChunk object| aaw object| _pbjsGlobals object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| apstag function| docReady object| mnet object| liQ_instances object| TRC object| _tblConsole undefined| msg object| _comscore function| s_hsp function| pb_sdp number| mt_gdpr_on object| mt_gdpr_content boolean| pb_4 string| pb_9 number| mt_ext_stat number| mt_ext_stat_send boolean| mt_bid_cache boolean| mt_cmp_on number| mt_cmp_opt_lvl number| mt_dbstat_on number| mt_dbstat_cmp_only boolean| pb_l_result_found number| pb_8 number| pb_gv object| mt_temp_params number| mt_global_build_time object| mt_special_params object| mt_stopped_tags object| mt_google_slot_statuses object| pb_cl function| mt_get_container number| mt_start_loading_time function| pb_lg function| mt_add_temp_param function| pb_th function| mt_add_hb_history function| mt_add_google_history function| pb_ib function| mt_search_divs function| mt_search_div function| pb_f function| pb_f_sub function| pb_i function| mt_gtt function| mt_get_tag_by_id function| mt_get_tag_by_block function| mt_get_el_desc function| pb_l function| pb_sc function| pb_cp function| mt_get_geo function| mt_check_image function| intFromBytes function| bin2String function| pb_cb function| check_double_time_diap function| check_time_diap function| pb_rds function| pb_rdn function| pb_rde function| pb_ggr function| pb_ci function| pb_cg function| pb_cc function| slsc function| clsc function| glsc function| pb_glv function| pb_clo function| mt_check_block_mask_id function| mt_check_block_pattern function| mt_check_mask_pattern function| mt_undnone_elements function| pb_pi function| pb_v function| pb_xr function| mt_set_tag_leveling function| mt_get_day_of_week function| mt_put_wrapper function| mt_custom_replace function| mt_check_have_childs function| mt_use_teplate function| und function| mt_rp function| clear_id function| mt_check_ip function| mt_throttle_check function| lrm function| lgf function| chr function| adh function| mt_filter_script_repeat function| mt_filter_custom_triggers function| mt_filter_stop function| mt_filter_sizes function| mt_filter_iterations function| mt_filter_cmp function| mt_mlt_filter_template function| mt_mlt_filter_auto_placement function| mt_mlt_filter_multi_blocks function| pb_fsbl function| mt_bl_ex function| mt_ch_mltb number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| pb_h function| pb_rn function| mt_native_try_tag boolean| mt_window_focus_state function| pb_srl function| pb_a function| pb_pt function| mt_dt function| pb_s function| pb_spt function| mt_execute_passback function| pb_p function| disp function| pb_e number| mt_google_collector_activate_attempt function| mt_init_google_history function| s_g1 function| mt_receive_google_event function| mt_process_google_event function| mt_set_google_size function| s_g2 function| mt_check_google_ready function| mt_google_detect_activity function| mt_get_google_slot_by_id function| mt_clear_google_id function| mt_get_google_iframe_ad function| pb_st function| pb_ss function| pb_se object| cmp_list object| pb_lg_buffer function| mt_get_cookie function| mt_register_cmp_events function| check_cmp_timer boolean| mt_cmp_refresh_activated function| check_tcf_api function| mt_refresh_tags_cmp number| variable_1 object| didomiEventListeners object| mt_custom_triggers object| mt_custom_triggers_to_tags object| mt_custom_triggers_functions function| pb_pttg function| mt_process_triggers_array function| mt_process_triggers function| mt_process_trigger function| mt_process_filter function| mt_get_var_sub function| mt_check_google_ad_targeting function| mt_client_stat_add function| mt_add_client_stat function| mt_clear_client_stat function| mt_send_client_stat function| mt_client_stat_show function| mt_add_google_event_stat_click object| mt_client_click_iframe_stat_object function| mt_client_add_click_event function| mt_client_analyze function| mt_tag_have_deamon_leveling function| mt_client_deamon_leveling boolean| mt_blur_event_added function| mt_hbstat_process function| pb_so function| mt_add_dnone_stat function| mt_send_googletag_stat function| get_recursive_object function| mt_check_double_impression function| mt_send_double_impression_stat function| mt_start_double_impression_timer function| mt_add_google_send_stat_temp function| mt_add_google_send_stat function| mt_send_google_statistick function| mt_stat_get_connection_type function| mt_stat_get_os_type function| mt_stat_get_device_type function| mt_stat_get_browser_type function| pb_m function| pb_d object| mt_outdata object| mt_words_dict object| tag_templates function| mt_statistick_tick function| mt_add_ticker_statistick function| mt_send_ticker_statistick function| mt_set_timing function| mt_have_timing function| mt_round_timing boolean| p object| pb_t object| _qevents number| year object| _exaudiadapex boolean| pcommonID number| pb_5 object| _gcio boolean| apstagLOADED object| apscustom object| _aps boolean| element_in_viewport object| pb_10 object| COMSCORE object| ns_p object| ggeac object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| mt_throttle_timers object| lotame_sync_16576 function| ha object| $jscomp object| _neodataTags function| _neoJsPiggybackHandler function| GCIO function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| PublisherCommonId object| hadron boolean| __halo_loaded__ undefined| google_measure_js_timing object| mt_google_history boolean| mt_google_collector_activated function| setImmediate function| clearImmediate object| ID5 string| nam object| placementData object| au object| cmTag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| mt_google_stack object| _cm_wfCounters string| lastWfUrl object| GoogleGcLKhOms object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| MtBts function| metric string| vpaidId function| OvaMediaPlayer object| _mNDetails number| lnt_z number| pb_0 number| mt_time_old object| google_image_requests number| mt_time_new

34 Cookies

Domain/Path Name / Value
.ultrasurfing.com/ Name: _ga_Y4YW22RJ0K
Value: GS1.1.1683836587.1.0.1683836587.60.0.0
.ultrasurfing.com/ Name: _ga
Value: GA1.1.742740736.1683836588
ultrasurfing.com/ Name: _uc_referrer
Value: direct
ultrasurfing.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEwq531ogY4AUABSAEQq531ogYYAA..
.prebid.a-mo.net/ Name: __amc
Value: 1_1683836587_1683836587
.adnxs.com/ Name: uuid2
Value: 3595731012829818103
.rubiconproject.com/ Name: khaos
Value: LHJKTUJG-8-8IU6
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrwlaxpUDsrC/sKGGM1eolu5vVtDhgOVUPn/4TLQE0M/6upuSLDVNDz9o4CW9FCQy2O1cY3TuAeAeBxGCOXoSK1qthgj1jQEsHc6UO785F0Pw==
.quantserve.com/ Name: mc
Value: 645d4eac-1db05-f7297-c0448
.ultrasurfing.com/ Name: __qca
Value: P0-1875324410-1683836587862
ultrasurfing.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D4d9b5bee-21df-420b-91ef-c499e36c1170-tuctb56d42b
.getrockerbox.com/ Name: uuid
Value: rbcr-ba8ac569-c212-4f9a-841b-2a88b2ff800e
p2.gcprivacy.com/ Name: gcid
Value: 3dafc552-358f-4d05-8ae2-456aa0b65605
ultrasurfing.com/ Name: gcid_first
Value: 3dafc552-358f-4d05-8ae2-456aa0b65605
ultrasurfing.com/ Name: _lr_retry_request
Value: true
ultrasurfing.com/ Name: _lr_env_src_ats
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUn37QiVYvxM5BougFI6fbEkTX9Z-bI5oe0_qml3y5hfwZNuwtF46V0WKpp3gfA
.liadm.com/ Name: lidid
Value: 83b9ffdf-2448-43f2-b6fe-f191a2185491
.neodatagroup.com/ Name: cProfile
Value: AQMQGPapkAWdAAAAAAAEAAABiCEUxMgAB2RlZmF1bHQ=
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ultrasurfing.com/ Name: __gads
Value: ID=9e12947251e37051:T=1683836588:S=ALNI_MYyXR808zx-RrCE_qljEfty-jCmnw
.ultrasurfing.com/ Name: __gpi
Value: UID=00000bf9929dbf4c:T=1683836588:RT=1683836588:S=ALNI_MYwdkmr1gpkwWwYZ-zZOaqwOT0mvQ
.neodatagroup.com/ Name: cP
Value: AR0DEBj2qZAFnQAAAAABrDjH
.mathtag.com/ Name: uuid
Value: 598c645d-4ead-4b00-8d25-85ce3a0f7d67
.yahoo.com/ Name: A3
Value: d=AQABBK1OXWQCEEpru-mFLCbKRSb3bkhRjegFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAk2BlXbEav4VS0-X8feSR0Y
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.mathtag.com/ Name: mt_mop
Value:
.linkedin.com/ Name: bcookie
Value: "v=2&624e8512-5651-4ccd-8da4-f47229cdf9de"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODM4MzY1OTA7MjswMjFpjLQuI0FG+PqbkcrYSB3UmI0Q76xEoJ4yrFUfNmKAEg==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3003:u=1:x=1:i=1683836590:t=1683922990:v=2:sig=AQEfl_zN9D1YPvriSBMvTtTGr7DO6t1J"
.amazon-adsystem.com/ Name: ad-id
Value: A7hCWkIPsUN3j68gBRnbc1A
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.neodatagroup.com/ Name: tr
Value: loCAwIOjREJNzmReoC2mQU1BWk9OAKlNRURJQU1BVEjOZF6gLoCD2gArMzEwMThmNmE5OTAwNTlkX0NBRVNFT1dicjByOFl6MUk1WnlKZ19BemRNZ85kXU6tvzMxMDE4ZjZhOTkwMDU5ZF8zMTAxOGY2YTk5MDA1OWTOZF1OrdoANDMxMDE4ZjZhOTkwMDU5ZF81OThjNjQ1ZC00ZWFkLTRiMDAtOGQyNS04NWNlM2EwZjdkNjfOZF1Org==

8 Console Messages

Source Level URL
Text
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2037571623&i6=2001:ac8:20:271::1e&r=http%3A%2F%2Fultrasurfing.com%2F' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2037571623&i6=2001:ac8:20:271::1e&r=http%3A%2F%2Fultrasurfing.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://ultrasurfing.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idx.liadm.com/idex/prebid/any?resolve=nonId
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: http://ultrasurfing.com/
Message:
The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1436ac58350ca61e9e7b314884caa7e4.safeframe.googlesyndication.com
a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.neodatagroup.com
cat.hbwrapper.com
cdn.adnxs.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fra1-ib.adnxs.com
ghb.adtelligent.com
grid.bidswitch.net
gum.criteo.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imprammp.taboola.com
increaserev.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lg3.media.net
match.adsrvr.org
metrics.getrockerbox.com
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
qsearch-a.akamaihd.net
region1.analytics.google.com
rt.marphezis.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tempnextstat.bcovery.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tra.neodatagroup.com
tracker.neodatagroup.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
warp.media.net
wf.taboola.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
c.amazon-adsystem.com
fid.agkn.com
104.111.217.42
104.18.25.185
108.128.23.9
13.32.99.105
141.226.228.48
142.250.181.230
142.250.74.194
147.75.84.158
151.101.1.44
151.101.65.108
151.101.65.44
162.19.138.119
162.19.138.120
172.64.103.36
178.128.135.204
18.184.127.5
18.194.183.76
18.66.122.63
192.241.157.60
2.16.202.121
2.18.233.201
2.18.235.93
20.101.38.191
2001:4860:4802:34::36
212.82.100.182
213.19.147.43
216.52.2.91
23.205.176.78
23.212.88.20
23.32.184.180
23.35.228.23
23.37.63.179
2600:1901:0:8344::
2600:9000:223c:4a00:6:44e3:f8c0:93a1
2600:9000:223c:6600:6:44e3:f8c0:93a1
2602:803:c003:200::31
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::ac43:17ea
2606:4700:20::ac43:4a72
2606:4700::6810:84e5
2606:4700:e6::ac40:c516
2620:109:c002::6cae:a14
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:2638:d::d
2a04:4e42:400::485
2a05:d018:d29:3605:e341:f6b2:dd43:a873
3.71.149.231
34.107.148.139
34.117.132.248
35.171.180.138
35.186.253.211
35.71.131.137
37.252.171.22
37.252.171.85
44.209.73.107
46.51.163.206
51.89.9.253
52.204.157.234
52.222.208.154
52.222.209.4
52.28.75.191
52.46.151.131
54.75.237.72
62.149.23.112
65.9.66.68
67.220.228.201
69.173.144.138
8.43.72.97
00d9c8238220cfe29182f31403b697ee5eedc2d700ee8b9ad6e94358ad12d847
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
041fae49bdc332d692b89d7d8c708dfb28f175d10cddaf1959c1bb46ddd4d3c5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0599d4ae8285407f73456517de08f23eb35063a1fe01490eeb6ec2e0823cd700
07dbb70df2498ef8e6616bac53b1131a946add2ede96c63ef322ed5d9d8b124a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c98b72b404f1e6d52aa5104d51fad3f2578017b418cf86a98e1def8da7be16e
10154f16cf4023d4e00fcc84c21754ba7f70916dc2580bfb6af6b6a2104d8a76
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b6f03e5add0ddd865c8fbbcbfef58b7b389d6f6b3b2031b345c402f1492c3d
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
168a16148554d35e7064929d8c379afa5e4c9b4e92f6f510825a54b566af90f7
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f8282c783de003b86b0d2589f4b950f7447f8797fa3b79a73f74d4b04e40a4
1aa412469011478080aca85e4ecf4d70089b494625739eabaf41c92886372811
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cbc6426b069330c054993f1c434f91e2bf464ad386236d1b557483d7baa4dd1
1cfca4c8aa27ea4f83ffbc34c12766550d2101dedf713d5776c011be1a0fa91f
222280782d5e33284340b9f3b6ad8281988eea0a2f1bc396fbd6f35286ca6626
25e86564f8c988311240600e78167d9f3e81f7e66b3fd29d22943952772210ea
26067cc5f9ac046e1285b18861e2b564daea5eaf2d886533d7abdf4cda2d13f9
272e40d3053403d04c05acacecd7fada716d4bd07397f5c53accbd8f6b987588
274f572aaf1453d313af892b1af4ce76b413ca833b6c3ec062923eb6e82db61b
2a44b6c26a26a682f018b31a4858383bb81a9ed1788c0cfacde31b03bfe75436
2b43d2d07c7292eb5b32b05cf2d73fcf8f3412d547b268eea358a4aa30ab3e6f
2c1e58df634cb70e1f4cd557dfe24b93d4f595c3ab30db077011b7e57f5957d1
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d
2e11a0e7c48e032cb9aea262235c27384abe06ca17a38bbb5861e1d834ecb6c0
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
325c2e22bcef7a460e5af8c8ff3ef87bf532d16962dbab44f678611d9230958c
355479f062ab9279e50aeb1d4ceb164c7680c20174f4483ee03abe46dbc51c80
357d451ba51323303d179a2abecbd9a78cce9a6458d7a604007a180d92ca72e0
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
3857634543824c46b5f1f435e9375e75e0ad96b16d9bf4525e54f0f14bfb25e8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d58b29ffaca204de2d5e1e4e12ebe5dcb7d85ba97268e86470798d2da291481
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d705bc546b53d44586a86da22b7321799913d9118a612f78809ae56afdadeeb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
498cbfb788d5d300c585a932cbccb3eed28851148ffc415a6a4314b3a723b45c
4a0a18910f117e0d70cef28c6b8b19085eebe7604d0ad0bb03f9cfe8c61a155c
4a4966ea04f72d69876eacd3514b56f78d7b17a94e87c11d43af02f5bf50d56e
4a7e5214c17066ad2278d15b001d21f2343958a2792f20dd882d87bcec0404ac
4b1aa4f63a06fea235bb213c0d6c050969a5da7928b4daf6078531f6935f2541
4b335f65a9002e20099c1f16c441802677a12f17dfffa2a8a313e92bb46b2d41
4d81ee707aa39bd2584d53e68e2411fcb80e123ce679c8b98e7917703fded80b
4f8c411dab45a1d21a9be8ef9547ef104783c4a6697accc8e27e0bf9f7e42a19
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
543969c810bc5a87f0701133e8a03ba5daf57e2a0b705283ed66e3485ab86d9c
5457fd78471b76755f4db87382c2ee5c7ac1d68abad6c0c7104cfdf22b5af16f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e78219ff5d7284ffd2fe85d01d22e151adb986c7fcff8a644eda5c3905b394
559abea84e10510fee39da592b4686fe92aa31d04d68956e06a51d135089b775
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5670569e03549850e3c374698f05f4191e1bdeb13231651bd5c36526972cbd2d
5d1aecb40ee800f36b40c4d45e389a82e31e55f4498bde9150385d5e1a5aecb6
5d3b8b373035174d6b983146e654d9a55a5607568032335bf109eb0db2344c71
5fb32d1245f0c055136ff16fc4ceef07eb91022df8c7b08bc006452f5f903bd0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6579251e7866b2d2b50d446cc1d0f5a0879586ccabae2f85f71fd2165efa958d
65d9212b443db11499e58dcc5a257201ed013c67d6ba3ca48ad719361852bb1d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
677006961ded05219b7cf7cefed3467b560322ff62906e5c6090a21148a204aa
67b8c17b3c24a3061095d1478d3719f933c99faec550958e80db1b59c8318e13
68d791c7328cf3639b190a4193d6104d3987a5da05874bc3da2ca7e30de1e818
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c270ac6f9b1eaa604644944df4bb59aa3b1faec39335d02071e1fd27b608531
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0
6d03f5ede931c6b90381663cdbb99032d90ea9bc5b9d57289ea4052dfc8b8f0b
6f7b29d11ee17992cd88f5a58576578c886c929316fe2e6abaeae518943b2ef6
71fff2d9602fde57b90de5b35c6de7f90a62c343f9b9e088f2023f8adf7f1b6d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a5447352b7bf623a6f53e84a2559eac3ed5ac800f0299cdb75548c673770bf6
7d46b54c82c85171c060cd4a19826b54d3384a6701f3541a648402ce139accd6
81f9a1d97afddcb1a4592c277961147c774e155e766685649e851529f7e685ef
82b4ac42d933ee78860ff7c601245dfd070baf2d5ce327ced0fede73a8c09136
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8491414993b4cce1e868608a33c23adcf607afc2605962798599ef16a2ac6743
850db36fa7d3391441934a0dd53fd23565b6aa473490306851ff7c8a7ee45cfa
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
8607e1a4e91b94c0c9bb21175b755ee84a1a422bcea0866cf376dde9237f5829
89ec4093dc9027d8436018644b42728f1c343d486505c1ea06298c77b04cadda
8c080dade3f6a7111ce8d12efc6238490c38bc7121759621a3009da8489d4dba
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908ff6d200b07e277f56620f4c88806309d169898d46390a6b89c43ae246a7e8
9120c2c9935bd7e7660e87726263091f79226363a0a680b69ad297ec770da1c9
97a216fe2a7673830669c4353c36cd36c58c137aeecedf5f47d90541e620ccea
984974b85250965fb864f580aee7f46131ea97e843e21b58289513e33685c31b
9b69b34fd0afb9b191092f39e3536a7918c68eb205824e4a0ccdab6d6daf175b
9c26422444f4909d9a1dea66c068c2fc828c865ce62ec917fa55e142b6fef8b1
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9eb678410089ec829489f54c6293ab987ed8af5765859c040728c0abb1a43d0c
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a0a8ab249355bdff84d2b0e7643c3d39ed25327d8bad19d6e28b8b28754c5f3c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cc6f0e0f1e062b75078a577b806993504667e29f02a185b2ba377033e42e43
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a573d67271700ec3fb1825170fdba883d0caf2a32f5c4aabccc12ea37dcc08e9
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a9035b6f95f2a98e4a8ea5ec0f069f3af2b74cdc47a8711d96244ab508cf6fec
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b09b366c27f31a798adc5d47c57fa03f23a3f0ef6c0f9bfec8d8ff67279e3252
b09ba6e0f2ea66dc1597d8154b0f46f3f8c3ee4f6b2eb1e584d6957908df1ad4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b38f2f3ca34bdb5806a224f34d34b4e279f259dae6ab9790ab6a503c3d95e7b8
b44d59b6d0e3be9260bffad9b7dc048a60ca8fc93f82e05e49b0a465c45fe579
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264
b4d82ca5005a24b6c1c0bc02a543059a26371b5dd7a8912b3b3e1f2dfacc77dc
b532d2ce382b585afd8dcb5ebee9658b00bdf5a666198ce2f6ec2dbc1d4da73c
b62b2b3850cc248a542b7d3af7a6a13b296b53e51a0edc02986d53cdb6829174
b6e2e3a5ebde222062f455c1adc8c3a18f93746015048fb9cca6fb69f58fee98
b7abb9ca9a6f296824cbb079bfb9a72081895a394e29187fd87c6fab2dd9d1db
bacd1ad6028a1bad78360ebc3259fcd206735b424b6b62315c206e447451828d
bad4fb9293d88230e4df0eed754178e507ae070c432899fd0eabc24af80bf349
bcf2d6d1676ee3c177dbcdf3cde63d34682913661e73388cb408f1815a609c55
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c257582744201a571aeb4fdc4117135440b9f746a07d36703fa5ab0b6b36e21a
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c5f4068707ae8a4ea8d64c8e4e27e1c1047c9f497e98df216d84b39aa5d87ba5
c645b2297568c10fd6b2a345d2cda9abd7e1266845d2778be66216342cefabc9
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
c9d733f780513695338ff44ca1405e9a455925ac3c830632d66bd8b0875b47a7
cbfb2cca3b041eb7e03f394f6cc31330aca39c8b24ecd7d4fc3525f5e35155b7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2d1d17fe14ba1bc027eb875d581a0a3998e4bcdceabead71bfc8ef386a1a7e1
d5ec6037ab4fb471bb444bd2a4b170f3ce9f098c6c06675032e71719e8963bcf
d7a7ada7a71cfb30753fc6b01acf34d453382c9f1aa6b2a415929cb261b80b03
ddd23d4a42475d4c887357e2083479935290080a7d04eedd2da40fbd06065101
ddd4968084c794b22b923d972baa11298e5a6a7bb2289613bc3e70bb6e6076e6
def0dc1680d9e3cc3bfff20c89bf5dea9e1c1378c076c9af82616efb7d168db8
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1177492b054782e2fa6785f309a458507bfbd28a70d7eaac3ee4fa31d585277
f2bb510a8cd07d4caf12d0328b4ec6c144b27989b558754e2aa1c7b7713ac913
f3c364bc4bfcf521f0cf699982632ac7e217919db47d155013511245ea4adebb
f4faef730c9d6bb084fe665e9e5db4e9ac041a82c48043979978df34b82215e9
f5ad649aa54da9be1d6a397bcef06b6424a2798a6fceb44d3421aec357ac9d17
f67b6499d74ce3ce5dfe68042e58ef1fd0b2b69c8f56957b9eabcdc4d9f7ba90
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d97558e6bb254641af2704f324d2f3cd497619e3695c1a1e77a406a0c33cd6
fa7e91cb7e0bc474c6ce1630b32dfa85e1c3321ea9ed1965ed0c328766c09ba2
fbe2c5fb0c0995bc67959399b97d39c4b31324e2254b842bcea7993ad40c3584
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fecf15dff30a1084efe60c5b553e5becd24c6c78a4c5357f8e93c64c1e209ceb